This is an optional second semester course at the IASD master of Université PSL taught with Muni Sreenivas Pydi (LAMSADE, Univ. Paris Dauphine-PSL).

This course covers the basics of Differential Privacy (DP), a framework that has become, in the last ten years, a de facto standard for enforcing user privacy in data processing pipelines. DP methods seek to reach a proper trade-off between protecting the characteristics of individuals and guaranteeing that the outcomes of the data analysis stays meaningful.

The first part of the course is devoted the basic notion of epsilon-DP and understanding the trade-off between privacy and accuracy, both from the empirical and statistical points of view. The second half of the course will cover more advanced aspects, including the different variants of DP and the their use to allow for privacy-preserving training of large and/or distributed machine learning models.

• Motivations, traditional approaches, randomized response
• Definition and properties of differential privacy
• Mechanisms for discrete/categorical data
• Mechanisms for continuous data
• Alternative notions of differential privacy
• Differential privacy for statistical learning
• Attacks and connections with robustness
• Local differential privacy and federated learning

This course does not have any prerequisite, except from basic knowledge of probabilities, statistics and Python programming.

Validation is through an individual homework (using Python) and the defense of a group project done on a research paper.

Recommended Readings

• The Algorithmic Foundations of Differential Privacy, C. Dwork & A. Roth, Foundations and Trends in Theoretical Computer Science (2014)
• Programming Differential Privacy, J. P. Near & C. Abuah, online book (2021)