Differentially Private Set Union

We study the basic operation of set union in global model differential privacy. In this problem, we are given a universe $U$ items, possibly infinite size, and database $D$ users. Each user $i$ contributes subset $W_i \subseteq U$ items. want an ($\epsilon$,$\delta$)-differentially private algorithm which outputs $S \subset \cup_i W_i$ such that size $S$ is as large possible. The problem arises countless real world applications; it particularly ubiquitous natural language processing (NLP) applications vocabulary extraction. For example, discovering words, sentences, $n$-grams etc., from text data belonging to users instance problem.Known algorithms for proceed by collecting items each user, taking subsets, disclosing whose noisy counts fall above certain threshold. Crucially, process, contribution individual always independent held other users, resulting wasteful aggregation where some item happen be way deviate paradigm allowing contribute their {\em dependent fashion}, guided policy}. new setting ensuring privacy significantly delicate. prove any policy has contractive} properties would result differentially algorithm. design two union, one using Laplace noise Gaussian noise, use $\ell_1$-contractive $\ell_2$-contractive policies respectively provide concrete examples policies. Our experiments show combination with our outperform previously known mechanisms problem.