Understanding Trade-offs Between Worst-case Differential Privacy Guarantees & Real Threat Models
A Google TechTalk, 2026-05-20, presented by Meenatchi Sundaram Muthu Selva Annamalai
Full Title: Theory will only take you so far: Understanding the precise trade-offs between worst-case differential privacy guarantees and real-world threat models
ABSTRACT: Although DP is a popular framework that has transformed the space of privacy-preserving data analysis in the past 23 years, a central challenge that remains is how to interpret and translate the worst-case privacy protections to real-world threat models. In this talk, I will present several works that attempt to tackle this challenge from both theoretical and empirical angles. On the theory side, careful edge-case analysis and incorporation of priors have enabled us to more accurately upper-bound real-world adversaries’ performance against DP mechanisms. On the other hand, better auditing mechanisms have paved the way for more accurate lower bounds empirically. Nevertheless, a substantial gap still exists between the two bounds, for which I identify and present several promising directions for future research.
Bio: Meenatchi Sundaram (Sundar) is a final-year PhD student (currently on the job market!) at University College London, advised by Prof. Emiliano De Cristofaro. His research interests lie in the general area of privacy and security of AI/ML, specifically in investigating the robustness of AI and ML systems to privacy and security attacks (e.g., MIA, AIA, prompt injection) and designing safe and trustworthy systems through the use of privacy-enhancing technologies (e.g., DP, FL, synthetic data).