To protect the privacy of individuals whose data is being shared, it is of high importance to develop methods allowing researchers and companies to release textual data while providing formal privacy guarantees to its originators. In the field of NLP, substantial efforts have been directed at building mechanisms following the framework of local differential privacy, thereby anonymizing individual text samples before releasing them. In practice, these approaches are often dissatisfying in terms of the quality of their output language due to the strong noise required for local differential privacy. In this paper, we approach the problem at hand using global differential privacy, particularly by training a generative language model in a differentially private manner and consequently sampling data from it. Using natural language prompts and a new prompt-mismatch loss, we are able to create highly accurate and fluent textual datasets taking on specific desired attributes such as sentiment or topic and resembling statistical properties of the training data. We perform thorough experiments indicating that our synthetic datasets do not leak information from our original data and are of high language quality and highly suitable for training models for further analysis on real-world data. Notably, we also demonstrate that training classifiers on private synthetic data outperforms directly training classifiers on real data with DP-SGD.

使用全局差分隐私的方法，通过训练生成式语言模型并从中采样数据来保护数据分享者的隐私，并通过新的匹配损失设计自然语言提示，得出高质量的文本数据集，这些数据集不仅不会泄露原始数据的信息，而且还适合训练用于分析真实世界数据的模型，同样证明基于私有合成数据训练分类器的性能优于直接基于真实数据使用DP-SGD进行训练。

安全数据共享的差分隐私语言模型