![[2503.07199] How Well Can Differential Privacy Be Audited in One Run?](https://arxiv.org/static/browse/0.3.4/images/arxiv-logo-fb.png){kind=logo}
[2503.07199] How Well Can Differential Privacy Be Audited in One Run?
Summary
This article explores the efficacy of one-run auditing in differential privacy, highlighting its potential to improve the auditing process for machine learning algorithms while addressing the challenges posed by data interference.
Why It Matters
As machine learning increasingly integrates into sensitive applications, ensuring privacy through effective auditing methods is crucial. This research advances the understanding of one-run auditing, potentially leading to more reliable privacy assessments and better protection of user data in AI systems.
Key Takeaways
- One-run auditing can efficiently assess the privacy of machine learning algorithms.
- Interference between data elements poses a significant challenge to auditing efficacy.
- New conceptual approaches are proposed to minimize interference and improve auditing performance.
Computer Science > Machine Learning arXiv:2503.07199 (cs) [Submitted on 10 Mar 2025 (v1), last revised 20 Feb 2026 (this version, v4)] Title:How Well Can Differential Privacy Be Audited in One Run? Authors:Amit Keinan, Moshe Shenfeld, Katrina Ligett View a PDF of the paper titled How Well Can Differential Privacy Be Audited in One Run?, by Amit Keinan and 1 other authors View PDF HTML (experimental) Abstract:Recent methods for auditing the privacy of machine learning algorithms have improved computational efficiency by simultaneously intervening on multiple training examples in a single training run. Steinke et al. (2024) prove that one-run auditing indeed lower bounds the true privacy parameter of the audited algorithm, and give impressive empirical results. Their work leaves open the question of how precisely one-run auditing can uncover the true privacy parameter of an algorithm, and how that precision depends on the audited algorithm. In this work, we characterize the maximum achievable efficacy of one-run auditing and show that the key barrier to its efficacy is interference between the observable effects of different data elements. We present new conceptual approaches to minimize this barrier, towards improving the performance of one-run auditing of real machine learning algorithms. Subjects: Machine Learning (cs.LG); Cryptography and Security (cs.CR) Cite as: arXiv:2503.07199 [cs.LG] (or arXiv:2503.07199v4 [cs.LG] for this version) https://doi.org/10.48550/arXiv...