Search papers, labs, and topics across Lattice.
This paper investigates the cost of differential privacy (DP) in language identification and generation tasks within the agnostic statistical setting. They establish algorithms and matching lower bounds to quantify the trade-off between privacy and performance. Their key finding is that approximate DP incurs no performance cost, while pure DP degrades performance by a factor of $\min\{1,\varepsilon\}$ in the exponent of the error rate.
Differential privacy in language tasks is surprisingly cheap: approximate DP is free, and pure DP only reduces performance by a factor of $\min\{1,\varepsilon\}$.
As large language models (LLMs) are increasingly trained on sensitive user data, understanding the fundamental cost of privacy in language learning becomes essential. We initiate the study of differentially private (DP) language identification and generation in the agnostic statistical setting, establishing algorithms and matching lower bounds that precisely quantify the cost of privacy. For both tasks, approximate $(\varepsilon, 未)$-DP with constant $\varepsilon > 0$ recovers the non-private error rates: $\exp(-r(n))$ for identification (for any $r(n) = o(n)$) and $\exp(-惟(n))$ for generation. Under pure $\varepsilon$-DP, the exponents degrade by a multiplicative factor of $\min\{1, \varepsilon\}$, which we show is tight up to constants. Notably, for generation under pure DP with mild assumptions, the upper bound $\exp(-\min\{1,\varepsilon\} \cdot 惟(n))$ matches the lower bound up to some constants, establishing an optimal rate. Our results show that the cost of privacy in language learning is surprisingly mild: absent entirely under approximate DP, and exactly a $\min\{1,\varepsilon\}$ factor in the exponent under pure DP.
