PuSH - Publikationsserver des Helmholtz Zentrums München: Estimating Group Means Under Local Differential Privacy.

Informationen

Hinweise zu Qualitätskriterien von Zeitschriften

Open-Access-Richtlinie der Helmholtz-Gemeinschaft 2016

CC Licencences

Metriken für Publikationen

Navigation

Startseite

English

Recherche

Erweiterte Suche

Durchblättern nach ...

... HMGU-Autoren/Konsortien

... Organisationsstruktur

... Zeitschriften

... Publikationstypen

... Forschungsdaten

... Arbeitsgruppen

... Erscheinungsjahr

Publikationen im Überblick

Statistik

HGF Fortschrittsbericht

OA Publikationen

Eintragen

Neue Publikation eintragen

Neue Publikation holen aus...

...EVA

Fehlende Publikation melden

Highlights

Suche

Hilfe & Kontakt

Ansprechpartner

Hilfe

Datenschutz

Helmholtz Open Science

Bibliometrische Indikatoren

SHERPA/RoMEO

DOAJ

Export:

Text

Endnote (RIS) BIB

BibTeX

Raab, R.* ; Bohr, A.* ; Klede, K.* ; Gmeiner, B.* ; Eskofier, B.M.

Estimating Group Means Under Local Differential Privacy.

In: (Proceedings on Privacy Enhancing Technologies). 2025. 236 - 274 (Proceedings on Privacy Enhancing Technologies ; 2025)

Verlagsversion

DOI

Abstract
Metriken
Zusatzinfos

The European Health Data Space (EHDS) aims to enable the sharing of health data across Europe to improve healthcare and research. While the EHDS mandates anonymization or pseudonymization of shared health data, these techniques may still allow adversaries to re-identify individuals. Local differential privacy (LDP) has been proposed as a formal privacy guarantee that can help mitigate this issue. In this paper, we consider a common problem when analyzing health data: estimating means for different groups. We discuss a generic privacy-preserving method for approximating the means of different groups in a decentralized setting where both the group and the value are considered private. We show that four concrete instantiations of the method based on existing mean estimation methods (Laplace, Bernoulli, Piecewise, and NPRR) are locally differentially private. We evaluate their performance on synthetic and real-world medical datasets. Our results show that the proposed methods can accurately estimate the group means, while maintaining privacy. However, similar to other LDP algorithms, our approach requires a sufficient amount of data (in our case a sufficient amount of samples per group) combined with a sufficiently large privacy budget ε to produce accurate results. We discuss concrete practical issues like choosing an appropriate input range, dealing with large privacy budgets through the use of the shuffle model of differential privacy, and the need for further analysis techniques to make LDP solutions applicable to practical medical data analysis.

Altmetric