Optimal estimation in private distributed functional data analysis
We systematically investigate the preservation of differential privacy in functional data analysis, beginning with functional mean estimation and extending to varying coefficient model estimation. Our work introduces a distributed learning framework involving multiple servers, each responsible for collecting several sparsely observed functions. This hierarchical setup introduces a mixed notion of privacy. Within each function, user-level differential privacy is applied to $m$ discrete observations. At the server level, central differential privacy is deployed to account for the centralised nature of data collection. Across servers, only private information is exchanged, adhering to federated differential privacy constraints. To address this complex hierarchy, we employ minimax theory to reveal several fundamental phenomena: from sparse to dense functional data analysis, from user-level to central and federated differential privacy costs, and the intricate interplay between different regimes of functional data analysis and privacy preservation. To the best of our knowledge, this is the first study to rigorously examine functional data estimation under multiple privacy constraints. Our theoretical findings are complemented by efficient private algorithms and extensive numerical evidence, providing a comprehensive exploration of this challenging problem.
💡 Research Summary
This paper introduces a comprehensive framework for private distributed functional data analysis (FDA) that simultaneously accommodates three layers of differential privacy (DP): user‑level DP applied to the m discrete observations that constitute each individual function, central DP (CDP) enforced at each server that aggregates many such functions, and federated DP (FDP) governing the communication between servers. The authors begin with the canonical problem of estimating the functional mean µ∗(·) and then extend the methodology to the varying coefficient model (VCM), a high‑dimensional extension of FDA.
The statistical setting assumes that each function lies in a Sobolev space W(α, Cα) and is observed on a possibly sparse grid of size m. The paper adopts a minimax risk perspective: for a given privacy constraint set Q (CDP, LDP, or FDP) and a class of data‑generating distributions P, the minimax risk is defined as the infimum over all private estimators of the worst‑case mean‑squared L2 error. By carefully analyzing the sensitivity of the functional coefficients under the three privacy notions, the authors derive sharp upper and lower bounds that match up to logarithmic factors.
Table 1 summarizes the main minimax rates. For functional mean estimation under CDP, the risk decomposes into a non‑private term n^{-2α/(2α+1)} (the classical FDA rate) and a privacy‑induced term (n^{2}mε^{2})^{-α/(α+1)} in the sparse regime (small m) or (n^{2}ε^{2})^{-1} in the dense regime (large m). When the data are distributed across S servers and FDP is imposed, the privacy term scales with S, yielding (S n)^{2}mε^{2} or (S n)^{2}ε^{2} respectively. For the VCM, an additional factor d (the dimensionality of the coefficient vector) appears, leading to rates such as d·(nm)^{-2α/(2α+1)} plus privacy penalties that also depend on d. These results reveal four distinct phase‑transition boundaries: (i) sparse ↔ dense functional data, (ii) private ↔ non‑private estimation, and (iii) user‑level ↔ central ↔ federated privacy costs. The interplay of these transitions creates a richer “four‑way” transition diagram than previously observed in either FDA or DP literature.
A key methodological contribution is the anisotropic Gaussian mechanism. The standard Gaussian mechanism adds isotropic noise calibrated to the ℓ2‑sensitivity Δ₂(f), which can be overly conservative for functional data because high‑frequency Fourier coefficients have much smaller sensitivities. The authors propose adding coordinate‑wise Gaussian noise with variances σ_ℓ² = 4·log(2/δ)·Δ_fℓ·‖Δ_f‖₁/ε², where Δ_fℓ is the ℓ‑wise sensitivity. This anisotropic design preserves (ε,δ)‑DP while reducing the total injected noise from O(r·σ₀²) to O(‖Δ_f‖₂²/ε²), a logarithmic improvement in the ambient dimension r.
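The following Python sketch is an added illustration, not code from the paper or its authors. It applies the per-coordinate variance formula quoted above and compares the total injected variance with an isotropic baseline. The function names, the sensitivity profile Δ_ℓ = ℓ^(-α), and the baseline calibration σ₀² = 2·log(1.25/δ)·‖Δ_f‖₂²/ε² (the classical Gaussian mechanism for ε < 1) are assumptions made for the example.

```python
import math
import random

def anisotropic_variances(sens, eps, delta):
    """Per-coordinate variances sigma_l^2 = 4*log(2/delta)*Delta_l*||Delta||_1/eps^2."""
    l1 = sum(sens)
    c = 4.0 * math.log(2.0 / delta)
    return [c * s * l1 / eps ** 2 for s in sens]

def isotropic_variance(sens, eps, delta):
    """Baseline (assumption): classical Gaussian mechanism for eps < 1,
    sigma_0^2 = 2*log(1.25/delta)*Delta_2^2/eps^2, with Delta_2 = ||sens||_2."""
    l2_sq = sum(s * s for s in sens)
    return 2.0 * math.log(1.25 / delta) * l2_sq / eps ** 2

def privatize(coeffs, variances, rng):
    """Release coefficients with independent N(0, sigma_l^2) noise per coordinate.
    random.Random keeps the demo reproducible; a deployment needs a CSPRNG-backed
    sampler and protection against floating-point leakage."""
    return [c + rng.gauss(0.0, math.sqrt(v)) for c, v in zip(coeffs, variances)]

def whitened_sensitivity_sq(sens, variances):
    """Worst-case sum_l Delta_l^2/sigma_l^2: squared L2 sensitivity after each
    coordinate is rescaled to unit noise. This ratio drives the privacy loss."""
    return sum(s * s / v for s, v in zip(sens, variances))

def decaying_sensitivities(r, alpha):
    """Constructed profile Delta_l = l^(-alpha), mimicking smaller sensitivity
    at higher frequencies; not taken from the paper."""
    return [l ** (-alpha) for l in range(1, r + 1)]

def total_noise(r, alpha, eps, delta):
    """Return (anisotropic, isotropic) total injected variance over r coordinates."""
    sens = decaying_sensitivities(r, alpha)
    return (sum(anisotropic_variances(sens, eps, delta)),
            r * isotropic_variance(sens, eps, delta))

if __name__ == "__main__":
    eps, delta, alpha = 0.5, 1e-5, 2.0
    for r in (8, 64, 1024):
        aniso, iso = total_noise(r, alpha, eps, delta)
        print(f"r={r:5d}  anisotropic={aniso:9.1f}  isotropic={iso:11.1f}")
    sens = decaying_sensitivities(64, alpha)
    var = anisotropic_variances(sens, eps, delta)
    print("whitened sensitivity^2:", whitened_sensitivity_sq(sens, var))
    print("first released coeffs:", privatize([0.0] * 64, var, random.Random(0))[:3])
```

With this constructed profile the anisotropic total stays nearly flat as r grows, while the isotropic total grows linearly in r. The whitened sensitivity equals ε²/(4·log(2/δ)) whatever the profile, which is why the coordinate-wise calibration keeps the privacy loss fixed.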
Building on this mechanism, the paper presents practical algorithms based on mini‑batch stochastic gradient descent (SGD) with gradient clipping. Each server computes clipped gradients on its local functions, adds anisotropic Gaussian noise, and transmits the privatized gradients to a central aggregator. The aggregator averages the noisy gradients, adds an optional second layer of noise to satisfy FDP, and updates the global estimate. The authors prove that these procedures achieve the minimax upper bounds derived earlier, and they provide extensive simulations on synthetic and real datasets (e.g., medical time‑series, climate curves) that confirm the theoretical predictions.
The experimental section illustrates how the risk behaves across the identified regimes: when m is small (sparse observations), the privacy term dominates and the error follows the sparse‑rate; as m grows, the error transitions to the dense‑rate, matching the non‑private optimal rate. Increasing the number of servers S linearly inflates the FDP penalty, highlighting a practical trade‑off between parallelism and privacy budget.
In conclusion, the paper makes three novel contributions: (1) it formalizes a hierarchical DP model tailored to distributed FDA, (2) it derives tight minimax lower and upper bounds that expose four interacting phase transitions, and (3) it introduces an anisotropic Gaussian mechanism and accompanying SGD‑based algorithms that attain the optimal rates. These results provide both theoretical insight and actionable guidance for practitioners handling sensitive functional data across multiple institutions, such as hospitals, climate monitoring networks, or collaborative neuroscience studies.