Federated Learning, as a popular paradigm for collaborative training, is vulnerable against privacy attacks. Different privacy levels regarding users' attitudes need to be satisfied locally, while a strict privacy guarantee for the global model is also required centrally. Personalized Local Differential Privacy (PLDP) is suitable for preserving users' varying local privacy, yet only provides a central privacy guarantee equivalent to the worst-case local privacy level. Thus, achieving strong central privacy as well as personalized local privacy with a utility-promising model is a challenging problem. In this work, a general framework (APES) is built up to strengthen model privacy under personalized local privacy by leveraging the privacy amplification effect of the shuffle model. To tighten the privacy bound, we quantify the heterogeneous contributions to the central privacy user by user. The contributions are characterized by the ability of generating "echos" from the perturbation of each user, which is carefully measured by proposed methods Neighbor Divergence and Clip-Laplace Mechanism. Furthermore, we propose a refined framework (S-APES) with the post-sparsification technique to reduce privacy loss in high-dimension scenarios. To the best of our knowledge, the impact of shuffling on personalized local privacy is considered for the first time. We provide a strong privacy amplification effect, and the bound is tighter than the baseline result based on existing methods for uniform local privacy. Experiments demonstrate that our frameworks ensure comparable or higher accuracy for the global model.

翻译：联邦学习作为一种流行的协作训练范式，易受隐私攻击。本地需满足用户态度差异化的隐私级别，而全局模型也需在中心侧提供严格隐私保障。个性化本地差分隐私（PLDP）适用于保护用户差异化的本地隐私，但其中心隐私保障仅相当于最差情况下的本地隐私级别。因此，在保证个性化本地隐私的同时实现强中心隐私并保持模型效用是一个具有挑战性的问题。本研究构建了一个通用框架（APES），通过利用混洗模型的隐私放大效应，在个性化本地隐私约束下增强模型隐私。为收紧隐私界限，我们逐用户量化了对中心隐私的异质性贡献。这些贡献通过每个用户扰动生成的“回声”能力来刻画，并通过提出的邻域散度和裁剪-拉普拉斯机制进行精细度量。此外，我们提出采用后稀疏化技术的改进框架（S-APES）以减少高维场景下的隐私损失。据我们所知，这是首次考虑混洗对个性化本地隐私的影响。我们实现了强隐私放大效应，且其界限比基于现有均匀本地隐私方法得到的基线结果更紧凑。实验表明，我们的框架能确保全局模型达到可比或更高的精度。