DP-SIPS: A simpler, more scalable mechanism for differentially private partition selection

Partition selection, or set union, is an important primitive in differentially private mechanism design: in a database where each user contributes a list of items, the goal is to publish as many of these items as possible under differential privacy. In this work, we present a novel mechanism for differentially private partition selection. This mechanism, which we call DP-SIPS, is very simple: it consists of iterating the naive algorithm over the data set multiple times, removing the released partitions from the data set while increasing the privacy budget at each step. This approach preserves the scalability benefits of the naive mechanism, yet its utility compares favorably to more complex approaches developed in prior work. Along the way, this work also gives an alternate definition of approximate zero-concentrated DP, and reports some empirical observations on the utility of other partition selection mechanisms.