Differential Privacy in Game Theory and Mechanism Design

Spring 2014
Instructor: Aaron Roth
Time: Friday 12:00-3:00 pm
Room: Towne 311

Overview: Differential Privacy is the name of a recently developed set of tools and goals for controlling the sensitivity of an algorithm to small changes in its input. In this seminar, we will consider an exciting set of connections forged in the last couple of years between this area and game theory and mechanism design. In general, this connection has two facets:
  • Tools from differential privacy can be used to design new game theoretic mechanisms, especially in large markets and games. This is because the notion of algorithmic sensitivity controlled by differential privacy is with respect to unilateral player deviations, which is the same notion of sensitivity required by game-theoretic equilibirum concepts. Applications here range from designing exactly truthful mechanisms without the use of money, to designing equilibrium selection mechanisms which can implement ex-post equilibria in games of incomplete information, to implementing Vickrey auctions with ascending price implementations, where truthful bidding remains a dominant strategy (rather than just a Nash equilibrium). 
  • Definitions and tools from differential privacy can be used to model and control agents preferences for privacy, which are increasingly important. This allows us to study the problem of whether we can design mechanisms that are truthful even in the presence for preferences for privacy. Note that this kind of preference is different from the standard utility commonly studied in mechanism design, since it involves preference over the mechanism, not just over the selected outcome. We will also study how to design markets to procure private data itself. 
For a survey of the area, see Pai and Roth
Prerequisites: This will be a mathematically rigorous theory course, but the only prerequisite is mathematical maturity. Prior coursework in algorithms, game theory, and mechanism design are helpful, but not required: this class will be self-contained.

Goals and Grading: The goal of this course is to introduce students to differential privacy and its connections to mechanism design, and then bring them up to the frontier of modern research. At the end of this course, students will be able to contribute to the research literature. As such, the main graded component of this course will be a research project. This project can be either a work of pure theory, or it can have a practical component. Students will meet with the instructor over the course of the semester, present their work at the end of the class, and will be encouraged to produce a paper with the intention of publishing it.

Book: New (8/2014) We now have a book publically available that serves as an introduction to the techniques of differential privacy. Its contents are largely orthogonal to this class, but provide a very useful supplement, and cover the algorithmic tools that would be necessary to carry out research in this area. The Algorithmic Foundations of Differential Privacy.

Topics Covered:
  1. Basics
    • Definition and motivation of Differential Privacy. Definitions from game theory and mechanism design.
    • Basic building blocks: numeric-valued functions, and perturbations from the Laplace distribution
    • Basic building blocks: the exponential mechanism and non-numeric valued functions
    • Composition theorems for differentially private algorithms
  2. Privacy as a Tool in Mechanism Design and Game Theory
    • Asymptotically truthful mechanisms for digital goods auctions.
    • Designing exactly truthful mechanisms without money
    • Joint differential privacy and equilibrium selection in games of incomplete information
    • Joint differential privacy and auction design
    • An Anti-folk theorem in repeated games with imperfect monitoring
  3. Privacy as a desiderata in Mechanism Design
    • Making the VCG mechanism private
    • Designing truthful mechanisms in the presence of privacy preferences
    • Designing procurement auctions to gather private data
  4. Other Topics as time permits (e.g. other approaches to privacy in economics)
Project: See here for project ideas and timeline.

Some Relevant Papers:

Lectures:

Related Courses: