It has become common to publish large (billion parameter) language models that have been
trained on private datasets. This paper demonstrates that in such settings, an adversary can …

Abstract We investigate whether Differentially Private SGD offers better privacy in practice
than what is guaranteed by its state-of-the-art analysis. We do so via novel data poisoning …

Abstract Generative Adversarial Networks (GANs) are one of the well-known models to
generate synthetic data including images, especially for research communities that cannot …

Local differential privacy (LDP), where users randomly perturb their inputs to provide
plausible deniability of their data without the need for a trusted party, has been adopted …

We present new practical local differentially private heavy hitters algorithms achieving
optimal or near-optimal worst-case error--TreeHist and Bitstogram. In both algorithms, server …

The notion of Local Differential Privacy (LDP) enables users to respond to sensitive
questions while preserving their privacy. The basic LDP frequent oracle (FO) protocol …

Differentially private analysis of graphs is widely used for releasing statistics from sensitive
graphs while still preserving user privacy. Most existing algorithms however are in a …

We present a new locally differentially private algorithm for the heavy hitters problem that
achieves optimal worst-case error as a function of all standardly considered parameters …

Graph Neural Networks (GNNs) have demonstrated superior performance in learning node
representations for various graph inference tasks. However, learning over graph data can …

Accurately learning from user data while providing quantifiable privacy guarantees provides
an opportunity to build better ML models while maintaining user trust. This paper presents a …