Federated A/B Testing under User-level Privacy Protection
Nonparametric two-sample testing under local differential privacy.
Local Differential Privacy (LDP) allows for data analysis while guaranteeing that individual data entries remain private, even from the data aggregator. This project focuses on developing robust hypothesis testing methods in the LDP setting.
Key Objectives:
Design optimal test statistics for LDP data.
Analyze the trade-off between privacy budgets and statistical power.
Apply these methods to real-world distributed datasets.
This page is currently under construction.
References
differential privacy, nonparametric statistics
Minimax optimal two-sample testing under local differential privacy
Federated learning, where user data remains on local devices and only weight updates are transmitted, has become the industry standard for training neural networks on sensitive data. Federated analytics builds on this infrastructure, enabling data science insights without transmitting raw data. However, recent studies show that hijacking weight updates or data summaries can allow recovery of the original raw data. To address this privacy risk, we propose a private A/B testing method that transmits noisy data summaries within the federated learning framework. We begin with multinomial data, introducing private permutation tests using privacy mechanisms like the Laplace mechanism, discrete Laplace mechanism, and Google’s RAPPOR mechanism. We extend our approach to continuous data using binning and analyze uniform separation rates under local differential privacy (LDP). Our tests rigorously control Type I error, satisfy LDP constraints, and achieve minimax separation rates, highlighting the inherent privacy-utility trade-offs in private testing.
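The pipeline described above for multinomial data, sketched as an added example that is not code from the paper or the project: each device perturbs a one-hot vector with the Laplace mechanism, and the server runs a permutation test on the noisy vectors only. The squared-distance statistic, the function names and the simulated arms are assumptions chosen for illustration; the page does not state the paper's exact statistic.

```python
import random

def privatize(category, k, epsilon, rng):
    """On-device step: one-hot encode, then add Laplace(2/epsilon) noise per coordinate.
    Two one-hot vectors differ by at most 2 in L1 norm, so this is epsilon-LDP."""
    scale = 2.0 / epsilon
    out = []
    for j in range(k):
        # Difference of two iid exponentials with mean `scale` is Laplace(0, scale).
        noise = rng.expovariate(1 / scale) - rng.expovariate(1 / scale)
        out.append((1.0 if j == category else 0.0) + noise)
    return out

def statistic(a, b):
    """Squared L2 distance between the mean privatized vectors of the two arms (assumed choice)."""
    k = len(a[0])
    mean = lambda rows, j: sum(r[j] for r in rows) / len(rows)
    return sum((mean(a, j) - mean(b, j)) ** 2 for j in range(k))

def permutation_pvalue(a, b, n_perm, rng):
    """Server-side step: sees only noisy vectors. Under H0 they are exchangeable,
    so shuffling arm labels controls Type I error at any privacy level."""
    observed = statistic(a, b)
    pooled = a + b
    hits = 0
    for _ in range(n_perm):
        rng.shuffle(pooled)
        if statistic(pooled[:len(a)], pooled[len(a):]) >= observed:
            hits += 1
    return (1 + hits) / (1 + n_perm)

def run_ab_test(probs_a, probs_b, n, epsilon, n_perm=199, seed=0):
    """Simulate n users per arm (constructed data) and return the p-value."""
    rng = random.Random(seed)
    k = len(probs_a)
    draw = lambda probs: rng.choices(range(k), weights=probs)[0]
    a = [privatize(draw(probs_a), k, epsilon, rng) for _ in range(n)]
    b = [privatize(draw(probs_b), k, epsilon, rng) for _ in range(n)]
    return permutation_pvalue(a, b, n_perm, rng)

if __name__ == "__main__":
    pa, pb = [0.7, 0.1, 0.1, 0.1], [0.1, 0.1, 0.1, 0.7]
    for eps in (4.0, 0.5):  # smaller epsilon: stronger privacy, more noise, less power
        print(eps, run_ab_test(pa, pb, n=300, epsilon=eps))
```

Running it with a smaller epsilon on the same two arms shows the privacy-utility trade-off directly: the noise scale grows as 2/epsilon, so more users are needed to detect the same difference.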