DPrio: Efficient Differential Privacy with High Utility for Prio

Abstract

Private data collection systems such as Prio ensure data privacy by distributing trust among a set of mutually trusted parties, to allow for aggregate data collection without disclosing any single client's data in the clear. While systems like Prio are undergoing widespread interest and adoption, these systems lack efficient mechanisms to provide differential privacy guarantees. In this work, we present a lightweight method that we call DPrio to augment Prio and related systems with differential privacy assurances while ensuring higher data utility than existing noise generation protocols. We compare our results against four related constructions in the literature, and identify how DPrio achieves improved data utility relative to the assumed number of dishonest clients and servers, with only minimal (and batchable) server communication overhead. We present several case studies and discuss considerations for real-world implementations.