Presentation at STOC 2014

1. Private Matchings and Allocations
Joint work with
Justin Hsu (Penn)
Zhiyi Huang (HKU)
Aaron Roth (Penn)
Tim Roughgarden (Stanford)
Speaker: Steven Wu
University of Pennsylvania
STOC 2014

2. The Allocation Problem
n
bidders
m
items

3. An important special case:
𝑚 goods
𝑗 ∈ [𝑚]
𝑛 agents
i ∈ [𝑛]
1
2
3
A
B
C
• Unit demand valuations
• Equivalent to max-weight matching

4. Our Goal
High social welfare allocation
Privacy
(without revealing individual private valuations)

5. D
Differential Privacy
Algorithm
ratio bounded
Alice Bob Chris Donna ErnieXavier

6. Differential Privacy
• An algorithm A with domain X and range R
satisfies ε-differential privacy if for every outcome r
and every pair of databases D, D’ differing in one
record:
Pr[ A(D) = r ] ≤ (1 + ε)Pr[ A(D’) = r]
• Domain: Reported valuation functions
• Range: Matchings

7. Problem: Assignment Reveals Preference
• Problem: High welfare matching will give people
what they want.

8. Separate Outputs
Algorithm

9. Protect from Coalition
Algorithm
!

10. Joint Differential Privacy (KPRU’14)
(MM09, GLMRT10)

11. Supply Assumption
• We need multiple copies for each
type of good even under JDP.
• How many?
Impossible Trivial

12. Main Result
Theorem: There is a JDP algorithm in the that solves the
max-weight matching problem with n people and k
types of goods with supply at least s each, and
outputs a matching of weight
OPT – αn
whenever:

13. A Framework for JDP
The “Billboard Model”

14. “Low information” Signal
o From the signal, every bidder can figure out what
item they are matched to in a matching
o Does not reveal each individual’s private data
• Think: Prices

15. Max Matchings (A Sketch)
A remarkable algorithm for Max-Matchings: [Kelso and Crawford ’82]

16. 0.5 0.1
0 0.2
$0
$0
$0.1
$0.2
Outbid
$0.1
Bid Again

17. Welfare

18. Prices as information
Claim: Bidders just need to see the prices
1. Prices are sufficient to identify the favorite good
2. When price raises again, a bidder is unmatched
3. Bidders are matched to the last thing they bid on
• Just need to count how many bids each good
received!

19. Privately Maintaining Counts
1 0 0 1 1 1 0 1 032
• Private (noisy) counters under continual observation
[DNPR10, CSS10]
• Given a stream of T bits, maintain an estimate of the
running count with accuracy
o Single Stream of sensitivity 1

20. Privately Maintaining Counts
1 1 1 1 1 1 0 0 018
1 0 0 1 1 1 0 1 032
0 0 0 1 1 1 1 1 0192
• A straightforward generalization:
K counters on K streams that collectively have
sensitivity Δ gives accuracy

21. Lower Sensitivity
Stopping the auction early
with a new condition
• Sensitivity

22. Counter Error
• Error per bid counter

23. Supply
• Goods might also be under/over-allocated by E.
o Doesn’t reduce the welfare by more than (1-α) factor if

24. Main Theorem
Theorem: There is a private algorithm in the billboard
model that solves the max-weight matching problem
with n people and k types of goods with supply at
least s each, and outputs a matching of weight
OPT – αn
whenever:

25. Extensions
• Results extend to the allocation problem
when buyers have gross substitute
preferences.

26. Conclusions
• Some problems that can’t be solved under DP
can be solved under joint-DP.
o If the output is partitioned among the agents
o The agent’s output is allowed to be sensitive in his input.
• Billboard model: interesting framework to design
a joint-DP algorithm?

27. Private Matchings and Allocations
Joint work with
Justin Hsu (Penn)
Zhiyi Huang (HKU)
Aaron Roth (Penn)
Tim Roughgarden (Stanford)
Speaker: Steven Wu
University of Pennsylvania