CSIS Seminar

PAC Privacy: Automatic Privacy Measurement and Control of Data Processing

Abstract

We propose and study a new privacy definition, termed Probably Approximately Correct (PAC) Privacy. PAC Privacy characterizes the information-theoretic hardness to recover sensitive data given arbitrary information disclosure/leakage during/after any processing. Unlike the classic cryptographic definition and Differential Privacy (DP), which consider the adversarial (input-independent) worst case, PAC Privacy is a simulatable metric that quantifies the instance-based impossibility of inference. A fully automatic analysis and proof generation framework is proposed: security parameters can be produced with arbitrarily high confidence via Monte-Carlo simulation for any black-box data processing oracle. On the utility side, the magnitude of (necessary) perturbation required in PAC Privacy is not lower bounded by Θ(√d) for a d-dimensional release but could be O(1) for many practical data processing tasks, which is in contrast to the input-independent worst-case information-theoretic lower bound. We discuss applications of PAC Privacy to statistical data processing tasks. Joint work with Hanshen Xiao.

Speaker Bio

Srini Devadas is the Webster Professor of EECS at the Massachusetts Institute of Technology, where he has been on the faculty since 1988. Devadas's current research interests are in computer architecture, computer security, and applied cryptography. In 2021, he received the IEEE Cybersecurity Award for Practice, and the ACM SIGSAC Award for Outstanding Innovation for his work on secure hardware. Devadas is a MacVicar Faculty Fellow and an Everett Moore Baker teaching award recipient, considered MIT's two highest undergraduate teaching honors.