Bayesian Estimation of Differential Privacy. (arXiv:2206.05199v2 [cs.LG] UPDATED)

Algorithms such as Differentially Private SGD enable training machine
learning models with formal privacy guarantees. However, there is a discrepancy
between the protection that such algorithms guarantee in theory and the
protection they afford in practice. An emerging strand of work empirically
estimates the protection afforded by differentially private training as a
confidence interval for the privacy budget $\varepsilon$ spent on training a
model. Existing approaches derive confidence intervals for $\varepsilon$ from
confidence intervals for the false positive and false …

differential privacy lg privacy