Composition Properties of Bayesian Differential Privacy

Differential privacy is a rigorous privacy standard that has been applied to a range of data analysis tasks. To broaden the application scenarios of differential privacy when data records have dependencies, the notion of Bayesian differential privacy has been recently proposed. However, it is unknown whether Bayesian differential privacy preserves three nice properties of differential privacy: sequential composability, parallel composability, and post-processing. In this paper, we provide an affirmative answer to this question; i.e., Bayesian differential privacy still have these properties. The idea behind sequential composability is that if we have m algorithms Y1, Y2,ldots, Ym, where Y$\mathscrl$ is independently $e\mathscrl$-Bayesian differential private for $\mathscrl$ = 1,2,ldots, m, then by feeding the result of Y1 into Y2, the result of Y2 into Y3, and so on, we will finally have an $S$m$\mathscrl$=;1 $e\mathscrl$-Bayesian differential private algorithm. For parallel composability, we consider the situation where a database is partitioned into m disjoint subsets. The $\mathscrl$-th subset is input to a Bayesian differential private algorithm Y$\mathscrl$, for $\mathscrl$= 1, 2,ldots, m. Then the parallel composition of Y1, Y2,ldots, Ym will be maxm$\mathscrl$=;1=1 $e\mathscrl$-Bayesian differential private. The postprocessing property means that a data analyst, without additional knowledge abo- t the private database, cannot compute a function of the output of a Bayesian differential private algorithm and reduce its privacy guarantee.