Report Noisy Max and Above Threshold are two classical differentially private (DP) selection mechanisms. Their output is obtained by adding noise to a sequence of low-sensitivity queries and reporting the identity of the query whose (noisy) answer satisfies a certain condition. Pure DP guarantees for these mechanisms are easy to obtain when Laplace noise is added to the queries. On the other hand, when instantiated using Gaussian noise, standard analyses only yield approximate DP guarantees despite the fact that the outputs of these mechanisms lie in a discrete space. In this work, we revisit the analysis of Report Noisy Max and Above Threshold with Gaussian noise and show that, under the additional assumption that the underlying queries are bounded, it is possible to provide pure ex-ante DP bounds for Report Noisy Max and pure ex-post DP bounds for Above Threshold. The resulting bounds are tight and depend on closed-form expressions that can be numerically evaluated using standard methods. Empirically, we find that these lead to tighter privacy accounting in the high-privacy, low-data regime. Further, we propose a simple privacy filter for composing pure ex-post DP guarantees, and use it to derive a fully adaptive Gaussian Sparse Vector Technique mechanism. Finally, we provide experiments on mobility and energy consumption datasets demonstrating that our Sparse Vector Technique is practically competitive with previous approaches and requires less hyper-parameter tuning.
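As an added illustration (not code from the paper), the two selection mechanisms described above instantiated with Gaussian noise, with the bounded-query assumption enforced by clipping every query answer into [0, B]. The bound B, the sample query answers, the threshold and the noise scale are constructed here for demonstration; the code implements the mechanisms only and does not compute the paper's privacy bounds.

```python
import random
from typing import List, Optional

# Constructed bound on each query answer; the paper's analysis assumes the
# underlying queries are bounded, which we enforce by clipping into [0, B].
B = 1.0


def clip(answers: List[float], lo: float = 0.0, hi: float = B) -> List[float]:
    """Clip each query answer into the bounded range assumed by the analysis."""
    return [min(max(a, lo), hi) for a in answers]


def report_noisy_max(answers: List[float], sigma: float, seed: Optional[int] = None) -> int:
    """Report Noisy Max with Gaussian noise: add independent N(0, sigma^2) noise
    to every bounded query answer and report the index of the largest noisy value.
    Only the index (a point in a discrete space) is released, never the noisy answers."""
    rng = random.Random(seed)
    noisy = [a + rng.gauss(0.0, sigma) for a in clip(answers)]
    return max(range(len(noisy)), key=noisy.__getitem__)


def above_threshold(answers: List[float], threshold: float, sigma: float,
                    seed: Optional[int] = None) -> Optional[int]:
    """Above Threshold with Gaussian noise: perturb the threshold once, then scan
    the bounded query answers in order, perturbing each with fresh N(0, sigma^2)
    noise, and report the first index whose noisy answer reaches the noisy
    threshold. Returns None when no query passes. The privacy loss of this
    mechanism depends on where it stops, which is why the paper gives ex-post bounds."""
    rng = random.Random(seed)
    noisy_threshold = threshold + rng.gauss(0.0, sigma)
    for i, a in enumerate(clip(answers)):
        if a + rng.gauss(0.0, sigma) >= noisy_threshold:
            return i
    return None


def selection_frequencies(answers: List[float], sigma: float, trials: int,
                          seed: int = 0) -> List[float]:
    """Monte Carlo estimate of how often Report Noisy Max selects each index.
    With sigma small relative to the gaps between answers the true maximum
    dominates; larger sigma spreads probability mass over the other indices."""
    counts = [0] * len(answers)
    for t in range(trials):
        counts[report_noisy_max(answers, sigma, seed=seed + t)] += 1
    return [c / trials for c in counts]


if __name__ == "__main__":
    # Constructed sample answers; 5.0 is clipped to B before noise is added.
    sample = [0.10, 0.85, 5.0, 0.30]
    print("RNM selects index", report_noisy_max(sample, sigma=0.2, seed=1))
    print("AT stops at index", above_threshold(sample, threshold=0.5, sigma=0.2, seed=1))
    print("RNM selection frequencies", selection_frequencies(sample, sigma=0.5, trials=2000))
```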