In high-stakes settings, there is a dual requirement for generating counterfactual explanations for black-box models while rigorously protecting user query privacy. Method: This paper introduces private information retrieval (PIR) into counterfactual generation for the first time, proposing an exact nearest-neighbor retrieval method that provides information-theoretically strict query privacy guarantees. It integrates an efficient finite-field arithmetic–based PIR protocol, a mutual-information-driven quantification mechanism for database-side leakage, and preference-aware attribute transformation modeling. Contribution/Results: The approach enables controllable trade-offs between explanation fidelity and privacy strength. Experiments on real-world datasets demonstrate its feasibility: it significantly reduces the database’s ability to infer user intent while supporting actionable, personalized counterfactual explanations.

Transparency and explainability are two extremely important aspects to be considered when employing black-box machine learning models in high-stake applications. Providing counterfactual explanations is one way of catering this requirement. However, this also poses a threat to the privacy of both the institution that is providing the explanation as well as the user who is requesting it. In this work, we propose multiple schemes inspired by private information retrieval (PIR) techniques which ensure the emph{user's privacy} when retrieving counterfactual explanations. We present a scheme which retrieves the emph{exact} nearest neighbor counterfactual explanation from a database of accepted points while achieving perfect (information-theoretic) privacy for the user. While the scheme achieves perfect privacy for the user, some leakage on the database is inevitable which we quantify using a mutual information based metric. Furthermore, we propose strategies to reduce this leakage to achieve an advanced degree of database privacy. We extend these schemes to incorporate user's preference on transforming their attributes, so that a more actionable explanation can be received. Since our schemes rely on finite field arithmetic, we empirically validate our schemes on real datasets to understand the trade-off between the accuracy and the finite field sizes.