Setting $\varepsilon$ is not the Issue in Differential Privacy

This position paper argues that setting the privacy budget in differential privacy should not be viewed as an important limitation of differential privacy compared to alternative methods for privacy-preserving machine learning. The so-called problem of interpreting the privacy budget is often presented as a major hindrance to the wider adoption of differential privacy in real-world deployments and is sometimes used to promote alternative mitigation techniques for data protection. We believe this misleads decision-makers into choosing unsafe methods. We argue that the difficulty in interpreting privacy budgets does not stem from the definition of differential privacy itself, but from the intrinsic difficulty of estimating privacy risks in context, a challenge that any rigorous method for privacy risk assessment face. Moreover, we claim that any sound method for estimating privacy risks should, given the current state of research, be expressible within the differential privacy framework or justify why it cannot.

• Publication year

  2025

• Venue

  Unknown venue

• Publication date

  2025-11-09

• Fields of study

  Computer Science

• Identifiers
  arXiv 2511.06305
• External record

  Open on Semantic Scholar

• Source metadata

  Semantic Scholar

• No claims are published for this paper.

• No concepts are published for this paper.

• Auditing f-Differential Privacy in One Run

  2024cited by this paper
• A Statistical Viewpoint on Differential Privacy: Hypothesis Testing, Representation and Blackwell's Theorem

  2024cited by this paper
• Tighter Privacy Auditing of DP-SGD in the Hidden State Threat Model

  2024cited by this paper
• Evaluations of Machine Learning Privacy Defenses are Misleading

  2024cited by this paper
• Tight Auditing of Differentially Private Machine Learning

  2023cited by this paper
• The Inadequacy of Similarity-Based Privacy Metrics: Privacy Attacks Against “Truly Anonymous” Synthetic Datasets

  2023cited by this paper
• Against Predictive Optimization: On the Legitimacy of Decision-Making Algorithms that Optimize Predictive Accuracy

  2023cited by this paper
• Privacy Auditing with One (1) Training Run

  2023cited by this paper
• What Are the Chances? Explaining the Epsilon Parameter in Differential Privacy

  2023cited by this paper
• Emerging Trends: SOTA-Chasing

  2022cited by this paper
• Reconstructing Training Data with Informed Adversaries

  2022cited by this paper
• Considerations for Differentially Private Learning with Large-Scale Public Pretraining

  2022cited by this paper
• Will we run out of data? Limits of LLM scaling based on human-generated data

  2022cited by this paper
• TAN without a burn: Scaling Laws of DP-SGD

  2022cited by this paper
• ID and OOD Performance Are Sometimes Inversely Correlated on Real-world Datasets

  2022cited by this paper
• AI and the Everything in the Whole Wide World Benchmark

  2021cited by this paper
• Adversary Instantiation: Lower Bounds for Differentially Private Machine Learning

  2021cited by this paper
• On the Dangers of Stochastic Parrots: Can Language Models Be Too Big? 🦜

  2021cited by this paper
• InstaHide: Instance-hiding Schemes for Private Distributed Learning

  2020cited by this paper
• An Attack on InstaHide: Is Private Learning Possible with Instance Encoding?

  2020cited by this paper
• Investigating Statistical Privacy Frameworks from the Perspective of Hypothesis Testing

  2019cited by this paper
• The Tyranny of Metrics

  2019cited by this paper
• Hypothesis Testing Interpretations and Renyi Differential Privacy

  2019cited by this paper
• Evaluating Differentially Private Machine Learning in Practice

  2019cited by this paper
• Differential Privacy and the US Census

  2019cited by this paper
• A Survey on Differentially Private Machine Learning

  2019cited by this paper
• Interpreting Epsilon of Differential Privacy in Terms of Advantage in Guessing or Approximating Sensitive Attributes

  2019cited by this paper
• Protection Against Reconstruction and Its Applications in Private Federated Learning

  2018cited by this paper
• Privacy Loss in Apple's Implementation of Differential Privacy on MacOS 10.12

  2017cited by this paper
• Rényi Differential Privacy

  2017cited by this paper
• Only You, Your Doctor, and Many Others May Know

  2015influential reference
• Prouver et gouverner : une analyse politique des statistiques publiques

  2014cited by this paper
• RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response

  2014cited by this paper
• The Composition Theorem for Differential Privacy

  2013cited by this paper
• Understanding Privacy

  2010cited by this paper
• Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization

  2009cited by this paper
• A Statistical Framework for Differential Privacy

  2008cited by this paper
• Differential Privacy: A Survey of Results

  2008cited by this paper
• How To Break Anonymity of the Netflix Prize Dataset

  2006cited by this paper
• Calibrating Noise to Sensitivity in Private Data Analysis

  2006cited by this paper
• Privacy as contextual integrity

  2004cited by this paper
• Irrational decisions: attending to numbers rather than ratios

  2003cited by this paper
• k-Anonymity: A Model for Protecting Privacy

  2002cited by this paper
• Privacy

  2002cited by this paper
• Simple Demographics Often Identify People Uniquely

  2000cited by this paper
• Problems of Monetary Management: The UK Experience

  1984cited by this paper
• Extensional versus intuitive reasoning: the conjunction fallacy in probability judgment

  1983cited by this paper
• Privacy and freedom

  1970cited by this paper
• Randomized response: a survey technique for eliminating evasive answer bias.

  1965cited by this paper

• No citing papers are available for this paper.