When releasing outputs from confidential data, agencies need to balance the analytical usefulness of the released data with the obligation to protect data subjects' confidentiality. For releases satisfying differential privacy, this balance is reflected by the parameter epsilon, known as the privacy budget. In practice, it can be difficult for agencies to select and interpret epsilon. We use Bayesian posterior probabilities of disclosure to provide a framework for setting epsilon. The agency decides how much posterior risk it is willing to accept in a data release at various levels of prior risk. Using a mathematical relationship among these probabilities and epsilon, the agency selects the maximum epsilon that ensures the posterior-to-prior ratios are acceptable for all values of prior disclosure risk. The framework applies to any differentially private mechanism.
Translation: When releasing confidential data, agencies need to balance the obligation to protect data subjects' confidentiality against the analytical usefulness of the released data. For data releases satisfying differential privacy, this balance is expressed through the parameter ε, the privacy budget. In practice, agencies often find it difficult to choose and interpret ε. We use Bayesian posterior probabilities of disclosure events to build a framework for setting the privacy budget: the agency decides the maximum posterior risk it is willing to accept in a data release at various levels of prior risk. Using the mathematical relationship between these probabilities and ε, the agency can select the maximum ε that ensures the ratio of posterior risk to prior risk is acceptable for all values of prior disclosure risk. The framework applies to any differentially private mechanism.
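The following is an added worked example of the selection rule described in the abstract; it is not code from the paper. It assumes the standard Bayesian semantics of ε-differential privacy as the relationship between prior risk, posterior risk and ε, namely that for any adversary prior the posterior odds of a disclosure event are at most e^ε times the prior odds, so a prior p gives a worst-case posterior of p·e^ε / (1 − p + p·e^ε). The paper's exact relationship may differ in form. The acceptable-risk table (prior → maximum tolerable posterior) is constructed for illustration; the agency would supply its own. Given that table, the code inverts the bound at each prior and takes the smallest of the resulting ε values, which is the largest ε that keeps every posterior-to-prior ratio acceptable.

```python
import math


def posterior_bound(prior: float, epsilon: float) -> float:
    """Worst-case posterior disclosure probability under epsilon-DP.

    Assumes the odds bound  post_odds <= exp(epsilon) * prior_odds,
    which holds for every adversary prior under pure epsilon-DP.
    """
    if not 0.0 < prior < 1.0:
        raise ValueError("prior must be strictly between 0 and 1")
    if epsilon < 0.0:
        raise ValueError("epsilon must be non-negative")
    odds = prior / (1.0 - prior) * math.exp(epsilon)
    return odds / (1.0 + odds)


def ratio_bound(prior: float, epsilon: float) -> float:
    """Worst-case posterior-to-prior ratio at a given prior and epsilon."""
    return posterior_bound(prior, epsilon) / prior


def max_epsilon_for_prior(prior: float, max_posterior: float) -> float:
    """Largest epsilon whose worst-case posterior at `prior` is <= max_posterior.

    Inverts the odds bound: epsilon = ln(post_odds / prior_odds).
    A tolerance below the prior cannot be met by any release (even
    epsilon = 0 leaves the worst-case posterior equal to the prior), so
    that case is rejected rather than silently returning a negative epsilon.
    """
    if not 0.0 < prior < 1.0 or not 0.0 < max_posterior < 1.0:
        raise ValueError("probabilities must be strictly between 0 and 1")
    if max_posterior < prior:
        raise ValueError(
            f"tolerated posterior {max_posterior} is below prior {prior}; "
            "no epsilon >= 0 can guarantee a worst-case posterior below the prior"
        )
    prior_odds = prior / (1.0 - prior)
    post_odds = max_posterior / (1.0 - max_posterior)
    return math.log(post_odds / prior_odds)


def select_epsilon(policy: dict) -> float:
    """Maximum epsilon acceptable across all priors in the agency's policy.

    `policy` maps prior disclosure risk -> maximum posterior risk the agency
    tolerates at that prior. The binding constraint is the prior that
    permits the smallest epsilon, so the answer is the minimum.
    """
    if not policy:
        raise ValueError("policy must contain at least one (prior, max_posterior) pair")
    return min(max_epsilon_for_prior(p, q) for p, q in policy.items())


# Constructed example policy (hypothetical agency choices, not from the paper):
# a subject the intruder already suspects at 50% may be pushed to 80%, but a
# subject with a 1% prior must stay below 5% and a 10% prior below 30%.
EXAMPLE_POLICY = {0.01: 0.05, 0.10: 0.30, 0.50: 0.80}


if __name__ == "__main__":
    eps = select_epsilon(EXAMPLE_POLICY)
    print(f"selected epsilon = {eps:.4f}")
    for prior, limit in sorted(EXAMPLE_POLICY.items()):
        print(f"prior {prior:.2f}: worst-case posterior {posterior_bound(prior, eps):.4f} "
              f"(limit {limit:.2f}), ratio {ratio_bound(prior, eps):.3f}")
```

In the constructed policy the 10% prior is the binding row: it allows ε = ln(27/7) ≈ 1.35, while the other rows would each tolerate a larger ε. Running any ε-DP mechanism at the selected value then satisfies every row of the table at once, which is the sense in which the abstract says the framework is mechanism-agnostic.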