The Policies of Designing Differentially Private Mechanisms: Utility First vs. Privacy First

Sensitivity-based methods are extensively used to construct differentially private mechanisms. In this paper, we realize that designing a differentially private mechanism can be considered as finding a randomized mapping between two metric spaces. The metric in the first metric space can be considered as a metric about privacy and the metric in the second metric space can be considered as a metric about utility. We find that the sensitivity-based methods are those just using the metric about utility to construct mechanisms. By the observation, we design mechanisms based on the metric about privacy. Furthermore, we design mechanisms based on the composition of the two metrics. Moreover, we find that most mechanisms, such as the global sensitivity mechanism [1], the Staircase mechanism [2,3], the Ladder mechanism [4] and the K-norm mechanism [5,6], can be considered as special cases of our mechanisms. Finally, we analyze these mechanisms and apply them to the subgraph counting problem and the linear query problem. The experiments show that our mechanisms (in most cases) have more accurate results than the state of the art mechanisms.