Spring 2014

Instructor: Aaron Roth

Time: Friday 12:00-3:00 pm

Room: Towne 311

Overview: Differential Privacy is the name of a recently developed set of tools and goals for controlling the sensitivity of an algorithm to small changes in its input. In this seminar, we will consider an exciting set of connections forged in the last couple of years between this area and game theory and mechanism design. In general, this connection has two facets:

Prerequisites: This will be a mathematically rigorous theory course, but the only prerequisite is mathematical maturity. Prior coursework in algorithms, game theory, and mechanism design are helpful, but not required: this class will be self-contained.

Goals and Grading: The goal of this course is to introduce students to differential privacy and its connections to mechanism design, and then bring them up to the frontier of modern research. At the end of this course, students will be able to contribute to the research literature. As such, the main graded component of this course will be a research project. This project can be either a work of pure theory, or it can have a practical component. Students will meet with the instructor over the course of the semester, present their work at the end of the class, and will be encouraged to produce a paper with the intention of publishing it.

Book:**New (8/2014)** We now have a book publically available that serves as an introduction to the techniques of differential privacy. Its contents are largely orthogonal to this class, but provide a very useful supplement, and cover the algorithmic tools that would be necessary to carry out research in this area. The Algorithmic Foundations of Differential Privacy.

Topics Covered:

Time: Friday 12:00-3:00 pm

Room: Towne 311

Overview: Differential Privacy is the name of a recently developed set of tools and goals for controlling the sensitivity of an algorithm to small changes in its input. In this seminar, we will consider an exciting set of connections forged in the last couple of years between this area and game theory and mechanism design. In general, this connection has two facets:

- Tools from differential privacy can be used to design new game theoretic mechanisms, especially in large markets and games. This is because the notion of algorithmic sensitivity controlled by differential privacy is with respect to unilateral player deviations, which is the same notion of sensitivity required by game-theoretic equilibirum concepts. Applications here range from designing exactly truthful mechanisms without the use of money, to designing equilibrium selection mechanisms which can implement ex-post equilibria in games of incomplete information, to implementing Vickrey auctions with ascending price implementations, where truthful bidding remains a dominant strategy (rather than just a Nash equilibrium).
- Definitions and tools from differential privacy can be used to model and control agents preferences for privacy, which are increasingly important. This allows us to study the problem of whether we can design mechanisms that are truthful even in the presence for preferences for privacy. Note that this kind of preference is different from the standard utility commonly studied in mechanism design, since it involves preference over the mechanism, not just over the selected outcome. We will also study how to design markets to procure private data itself.

Prerequisites: This will be a mathematically rigorous theory course, but the only prerequisite is mathematical maturity. Prior coursework in algorithms, game theory, and mechanism design are helpful, but not required: this class will be self-contained.

Goals and Grading: The goal of this course is to introduce students to differential privacy and its connections to mechanism design, and then bring them up to the frontier of modern research. At the end of this course, students will be able to contribute to the research literature. As such, the main graded component of this course will be a research project. This project can be either a work of pure theory, or it can have a practical component. Students will meet with the instructor over the course of the semester, present their work at the end of the class, and will be encouraged to produce a paper with the intention of publishing it.

Book:

Topics Covered:

- Basics
- Definition and motivation of Differential Privacy. Definitions from game theory and mechanism design.
- Basic building blocks: numeric-valued functions, and perturbations from the Laplace distribution
- Basic building blocks: the exponential mechanism and non-numeric valued functions
- Composition theorems for differentially private algorithms
- Privacy as a Tool in Mechanism Design and Game Theory
- Asymptotically truthful mechanisms for digital goods auctions.
- Designing exactly truthful mechanisms without money
- Joint differential privacy and equilibrium selection in games of incomplete information
- Joint differential privacy and auction design
- An Anti-folk theorem in repeated games with imperfect monitoring
- Privacy as a desiderata in Mechanism Design
- Making the VCG mechanism private
- Designing truthful mechanisms in the presence of privacy preferences
- Designing procurement auctions to gather private data
- Other Topics as time permits (e.g. other approaches to privacy in economics)

Some
Relevant Papers:

- A survey on Privacy and Mechanism Design. Pai and Roth 2013.
- A survey on Privacy and Data Based Research. Heffetz and Ligett, 2013.
- Mechanism Design via Differential Privacy. McSherry and Talwar, 2007.
- Approximately Optimal Mechanism Design via Differential Privacy. Nissim, Smorodinsky, and Tennenholtz, 2011.
- Selling Privacy at Auction. Ghosh and Roth, 2011.
- Is Privacy Compatible with Truthfulness? Xiao, 2012.
- Truthful Mechanisms for Agents that Value Privacy. Chen, Cong, Kash, Moran, and Vadhan, 2012.
- Privacy Aware Mechanism Design. Nissim, Orlandi, and Smorodinsky, 2012.
- The Exponential Mechanism for Social Welfare: Private, Truthful, and Nearly Optimal. Huang and Kannan, 2012.
- A Theory of Pricing Private Data. Li, Li, Miklau, and Suciu, 2012.
- Mechanism Design in Large Games: Incentives and Privacy. Kearns, Pai, Roth, and Ullman, 2013.
- Privacy and Coordination: Computing on Databases with Endogenous Participation. Ghosh and Ligett, 2013.
- Linear Regression as a Non-Cooperative Game. Ioannidis and Loiseau, 2013.
- Private Matchings and Allocations. Hsu, Huang, Roth, Roughgarden, and Wu, 2013.
- Cryptography and the Economics of Supervisory Information. Flood, Katz, Ong, and Smith. 2013.
- Asymptotically Truthful Equilibrium Selection in Large Congestion Games. Rogers and Roth, 2013.
- Redrawing the Boundaries on Purchasing Data from Privacy-Sensitive Individuals. Nissim, Vadhan, and Xiao, 2014.
- The Empirical Implications of Privacy-Aware Choice. Cummings, Echenique, and Wierman, 2014.
- An Anti-Folk Theorem for Large Repeated Games with Imperfect Monitoring. Pai, Roth, and Ullman, 2014.
- Privacy-Preserving Public Information for Sequential Games. Blum, Morgenstern, Sharma, and Smith, 2014.

- Lecture 1: Intro to Differential Privacy for Game Theorists, and Digital Goods Auctions. (January 17).
- Lecture 2: Privacy as a Desideratum -- Making the Exponential Mechanism Truthful with Payments. (January 24)
- Lecture 3: Privacy as a Tool for Mechanism Design (for arbitrary objective functions) Without Money. (January 31)
- Lecture 4: The Empirical Implications of Privacy Aware Choice (Guest Lecture by Rachel Cummings). (February 7)
- Lecture 5: Private Equilibrium Computation for Ex-Post Implementation (Part 1) (February 14 <3)
- Lecture 6: Private Equilibrium Computation for Ex-Post Implementation (Part 2) (February 21)
- Lecture 7: Privacy Preserving Public Information for Sequential Games (Guest lecture by Jamie Morgenstern) (February 28)
- Lecture 8: Private Equilibrium Computation for Ex-Post Implementation (Part 3) (March 21)
- Lecture 9: Redrawing the Boundaries on Purchasing Data from Privacy-Sensitive Individuals (Guest Lecture by David Xiao) (March 28)
- Lecture 10: Sincere Bidding as an Asymptotic Ex-Post Dominant Strategy in Ascending Auctions (April 4)
- Lecture 11: Differential Privacy and Machine Learning (Guest Lecture by Kobbi Nissim) (April 11)
- Lecture 12: Privacy Gives an Anti-Folk Theorem in Repeated Games (April 18)

Related Courses: