Differential privacy (DP) has various desirable properties, such as robustness to post-processing, group privacy, and amplification by subsampling, which can be derived independently of each other. Our goal is to determine whether stronger privacy guarantees can be obtained by considering several of these properties jointly. To this end, we focus on the combination of group privacy and amplification by subsampling. To provide guarantees that are amenable to machine learning algorithms, we conduct our analysis in the framework of Rényi-DP, which has more favorable composition properties than $(\epsilon,\delta)$-DP. As part of this analysis, we develop a unified framework for deriving amplification by subsampling guarantees for Rényi-DP, which represents the first such framework for a privacy accounting method and is of independent interest. We find that it not only lets us improve upon and generalize existing amplification results for Rényi-DP, but also derive provably tight group privacy amplification guarantees stronger than existing principles. These results establish the joint study of different DP properties as a promising research direction.