EPS
← All batches·2605.13503

Limits of Personalizing Differential Privacy Budgets

topic: current_projecttop score: 100released: 2026-05-14first surfaced: 2026-05-14arXivPDFthreats2026-05-14

Authors: Edwige Cyffers, Juba Ziani

arXiv · PDF

Summary

arXiv:2605. 13503v1 Announce Type: new Abstract: A key technical difficulty in differential privacy is selecting a privacy budget that satisfies privacy requirements while maximizing utility.

Relevance

Read next because Limits of Personalizing Differential Privacy Budgets overlaps with clean result "EOS-in-loss was the confound: masking the recipient's EOS from cross-entropy revives within-marker chunk-binding from 1.3% to 23.5% (MODERATE confidence)", clean result "The marker is a representational handle, not a behavioural one — sharing it between a villain persona and the assistant transfers no misalignment (HIGH confidence)", experiment "Can capability be taught through another persona?". Matching terms: persona, line, full. Source: arxiv cs.CR (Cryptography and Security).

Threat model

Potential threat/caveat for clean result "EOS-in-loss was the confound: masking the recipient's EOS from cross-entropy revives within-marker chunk-binding from 1.3% to 23.5% (MODERATE confidence)": this item discusses limitation, limitations.

Abstract

arXiv:2605.13503v1 Announce Type: new Abstract: A key technical difficulty in differential privacy is selecting a privacy budget that satisfies privacy requirements while maximizing utility. A natural and well-studied workaround is to use personalized privacy budgets, which may differ across agents. In this paper, we show that personalized budgets come with major limitations and that for mean estimation, the dominant factor is not full personalization, but rather choosing the right effective privacy budget. This can be achieved through a simple thresholding operator that we describe. Compared with this thresholding baseline, the gains obtained by fully personalized mechanisms are limited. In particular, we precisely quantify the constant-factor improvement in settings with mixed private and public datasets and in private datasets with two levels of privacy requirements. We also establish upper bounds and identify regimes of maximal gain for arbitrary privacy requirements.