
A statistical framework for differential privacy

Abstract

One goal of statistical privacy research is to construct a data release mechanism that protects individual privacy while preserving information content. Specifically, a randomized mechanism takes an input database $X$ and outputs a random database $Z$ according to a distribution $Q_n(\cdot \mid X)$. Differential privacy is a particular approach to this problem, developed by computer scientists, in which $Q_n(\cdot \mid X)$ is required to be insensitive to changes in one data point in $X$. This makes it difficult to infer from $Z$ whether a given individual is in the original database $X$. We consider differential privacy from a statistical perspective. We derive data release mechanisms that satisfy the differential privacy requirement while permitting accurate statistical inference. We also show a connection between the accuracy of privacy mechanisms and small ball probabilities.
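The following Python is an added example, not code from the paper: it instantiates the abstract's framing with one concrete mechanism of our own choosing (per-record randomized response on binary data, so the released object is itself a database $Z$ of the same size as $X$), checks by exhaustive enumeration that the worst-case change in $\log Q_n(z \mid x)$ over any two databases differing in one record is bounded by $\varepsilon$, and recovers the population proportion from $Z$ with an unbiased estimator, illustrating "privacy while permitting accurate inference".

```python
import itertools
import math
import random


def _keep_prob(eps):
    # Probability of reporting a record truthfully; chosen so log(p/(1-p)) = eps.
    return math.exp(eps) / (1.0 + math.exp(eps))


def release(x, eps, seed=None):
    """Randomized-response mechanism: each bit of x is kept with prob p, flipped with 1-p.
    Returns a synthetic database z of the same length as x."""
    p = _keep_prob(eps)
    rng = random.Random(seed)
    return [xi if rng.random() < p else 1 - xi for xi in x]


def log_density(z, x, eps):
    """log Q_n(z | x): records are perturbed independently, so the density is a product."""
    p = _keep_prob(eps)
    return sum(math.log(p) if zi == xi else math.log(1.0 - p) for zi, xi in zip(z, x))


def max_privacy_loss(n, eps):
    """Worst case of |log Q_n(z|x) - log Q_n(z|x')| over all binary x, x' that differ in
    exactly one record and all outputs z (exhaustive, so only for small n).
    eps-differential privacy requires this to be <= eps."""
    worst = 0.0
    for x in itertools.product((0, 1), repeat=n):
        for i in range(n):
            x_prime = list(x)
            x_prime[i] = 1 - x_prime[i]          # neighbouring database
            for z in itertools.product((0, 1), repeat=n):
                loss = abs(log_density(z, x, eps) - log_density(z, x_prime, eps))
                worst = max(worst, loss)
    return worst


def estimate_mean(z, eps):
    """Unbiased estimate of mean(x) from the released z.
    E[mean(z)] = (1-p) + (2p-1)*mean(x), so invert that affine map."""
    p = _keep_prob(eps)
    zbar = sum(z) / len(z)
    return (zbar - (1.0 - p)) / (2.0 * p - 1.0)


if __name__ == "__main__":
    x = [1] * 500 + [0] * 500                # constructed input database, true mean 0.5
    z = release(x, eps=1.0, seed=0)
    print("worst-case privacy loss (n=3, eps=1):", max_privacy_loss(3, 1.0))
    print("estimated mean from released z:", estimate_mean(z, 1.0))
```

The exhaustive check is only feasible for tiny n; the bound holds for every n because the per-record perturbations are independent, so exactly one factor of the product changes between neighbouring databases.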
