Large Language models (LLMs) are achieving state-of-the-art performance in many different downstream tasks. However, the increasing urgency of data privacy requires LLMs to train with Differential Privacy (DP) on private data. Concurrently it is also necessary to compress LLMs for real-life deployments on resource-constrained devices or latency-sensitive applications. Differential privacy and model compression generally must trade off utility loss to achieve their objectives. Moreover, concurrently achieving both can result in even more utility loss. To this end, we propose a novel differentially private knowledge distillation algorithm that exploits synthetic data generated by a differentially private LLM. The knowledge of a teacher model is transferred onto the student in two ways: one way from the synthetic data itself, the hard labels, and the other way by the output distribution of the teacher model evaluated on the synthetic data, the soft labels. Furthermore, if the teacher and student share a similar architectural structure, we can further distill knowledge by exploiting hidden representations. Our results show that our framework substantially improves the utility over existing baselines with strong privacy parameters, {\epsilon} = 2, validating that we can successfully compress autoregressive LLMs while preserving the privacy of training data.

翻译：大型语言模型（LLMs）在众多下游任务中取得了最先进的性能。然而，日益紧迫的数据隐私需求要求LLMs在私有数据上采用差分隐私（DP）进行训练。同时，为在资源受限设备或延迟敏感应用中实现实际部署，压缩LLMs也必不可少。差分隐私与模型压缩通常需要权衡效用损失以实现各自目标，而同时实现两者可能导致更大的效用损失。为此，我们提出一种新颖的差分隐私知识蒸馏算法，该算法利用由差分隐私LLM生成的合成数据。教师模型的知识通过两种方式传递给学生模型：一方面来自合成数据本身（硬标签），另一方面来自教师模型在合成数据上评估的输出分布（软标签）。进一步地，若教师与学生模型具有相似的架构结构，我们还可利用隐层表示进行知识蒸馏。实验结果表明，在强隐私参数（ε=2）下，我们的框架相较现有基线方法显著提升了效用性，验证了该方法能在保护训练数据隐私的同时成功压缩自回归型LLMs。