Existing differentially private SQL systems support only rigid privacy policies, making them ill-suited for complex requirements in relational databases such as cross-table joins, partially public data, and column-level heterogeneous protection. This work proposes a differentially private SQL system that enables flexible privacy policies, achieving fine-grained, composable control over record existence, content, and partially public columns for the first time. By allowing table- or column-specific privacy specifications, the system leverages differential privacy theory together with query stability analysis and an adaptive noise injection mechanism to dynamically compute the necessary perturbation for heterogeneous policies—without modifying the underlying privacy accounting logic. Under strict differential privacy guarantees, the approach significantly reduces noise and enhances utility while supporting multi-table joins and diverse privacy requirements.

The plausible deniability model of differential privacy for single-table datasets is well-understood. However, applying differential privacy to relational databases is much trickier: each application needs flexibility in specifying the pieces of information about an entity, spread across multiple relations, that require plausible deniability guarantees. Existing differentially private SQL systems only support rigid privacy policies. Even seemingly small changes, such as specifying that some tables need to protect the existence of records while others only need to protect the record contents, require significant manual effort in updating their privacy accountants and proving their correctness. One example of a challenge is the presence of partially public data. Public columns in a table (e.g., faculty names in a university dataset and partial course enrollment information) can cause some queries to require more noise (compared to fully private data), while others require less noise. This kind of reasoning is not supported in existing systems. Another example is when different parts of records (e.g., demographics, financial data) require different levels of privacy protection. Again, existing differentially private SQL systems need to rewrite their rules for calculating query stability in order to support such a feature. This paper presents DP4SQL, a differentially private SQL system that allows data curators to better customize the plausible deniability requirements for their relational databases. This avoids the drawbacks of the "one-size-fits-all" systems that would either underprotect the data or inject too much noise into query answers.