🤖 AI Summary
Existing differential privacy shuffling models support only statistical aggregation, failing to meet demands for personalized computation. This work proposes Private Individual Computation (PIC), a novel paradigm enabling strong, user-specific privacy guarantees without any trusted central authority. Methodologically, we design a Minkowski-response randomizer that preserves permutation equivariance—ensuring computational structure aligns with privacy requirements—and introduce a one-time public-key mechanism enabling anonymous result delivery to users and achieving privacy amplification via shuffling. We formally prove that the scheme satisfies rigorous differential privacy under the shuffle model. Experiments demonstrate that PIC significantly outperforms baseline approaches on non-statistical tasks, improving utility while enhancing privacy budget efficiency by up to 40%.
📝 Abstract
In data-driven applications, preserving user privacy while enabling valuable computations remains a critical challenge. Technologies like differential privacy (DP) have been pivotal in addressing these concerns. The shuffle model of DP requires no trusted curator and can achieve high utility by leveraging the privacy amplification effect yielded by shuffling. These benefits have led to significant interest in the shuffle model. However, the computation tasks in the shuffle model are limited to statistical estimation, making it inapplicable to real-world scenarios in which each user requires a personalized output. This paper introduces a novel paradigm termed Private Individual Computation (PIC), expanding the shuffle model to support a broader range of permutation-equivariant computations. PIC enables personalized outputs while preserving privacy, and enjoys privacy amplification through shuffling. We propose a concrete protocol that realizes PIC. By using one-time public keys, our protocol enables users to receive their outputs without compromising anonymity, which is essential for privacy amplification. Additionally, we present an optimal randomizer, the Minkowski Response, designed for the PIC model to enhance utility. We formally prove the security and privacy properties of the PIC protocol. Theoretical analysis and empirical evaluations demonstrate PIC's capability in handling non-statistical computation tasks, and the efficacy of PIC and the Minkowski randomizer in achieving superior utility compared to existing solutions.
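The following toy simulation is an added illustration of the message flow the abstract describes (local randomizer, shuffler, untrusted server, anonymous delivery under one-time public keys); it is not the paper's PIC protocol or the authors' code. Every concrete choice is an assumption made here for readability: k-ary randomized response stands in for the Minkowski Response, a textbook ElGamal key pair over a toy-sized prime group plays the role of the one-time public key, and "rank among all reported values" is the example permutation-equivariant computation (permuting the inputs permutes the outputs identically, which is what lets the server work on shuffled data). The shuffler alone unlinks a report from its sender; the one-time key is what lets the server address a personalized result back to an anonymous report.

```python
"""Shuffle-model round with personalized outputs (added toy, not the paper's protocol)."""
import math
import random
from typing import List, Tuple

# Assumption: a toy safe prime p = 2q + 1 with q = 509, and G = 4 (a quadratic
# residue, hence a generator of the order-q subgroup). Sized for readability only.
P = 1019
Q = 509
G = 4


def keygen(rng: random.Random) -> Tuple[int, int]:
    """One-time ElGamal key pair: (secret x, public g^x mod p)."""
    x = rng.randrange(1, Q)
    return x, pow(G, x, P)


def encrypt(pk: int, m: int, rng: random.Random) -> Tuple[int, int]:
    """ElGamal encryption of 1 <= m < p under a one-time public key."""
    y = rng.randrange(1, Q)
    return pow(G, y, P), (m * pow(pk, y, P)) % P


def decrypt(sk: int, ct: Tuple[int, int]) -> int:
    c1, c2 = ct
    shared = pow(c1, sk, P)
    return (c2 * pow(shared, -1, P)) % P


def randomized_response(x: int, k: int, eps: float, rng: random.Random) -> int:
    """k-ary randomized response (stand-in for the Minkowski Response):
    report the true value with probability e^eps / (e^eps + k - 1), otherwise a
    uniformly random other value. Each report on its own is eps-local-DP."""
    p_truth = math.exp(eps) / (math.exp(eps) + k - 1)
    if rng.random() < p_truth:
        return x
    return rng.choice([v for v in range(k) if v != x])


def rank_outputs(values: List[int]) -> List[int]:
    """Personalized output per position: how many reported values are strictly
    smaller. Permutation-equivariant: permuting the inputs permutes the outputs."""
    return [sum(1 for v in values if v < x) for x in values]


def pic_round(true_values: List[int], k: int, eps: float, rng: random.Random) -> List[int]:
    """One protocol round; returns the output each user decrypts, in user order."""
    # 1. Users: randomize locally and attach a fresh one-time public key.
    keys: List[Tuple[int, int]] = []
    used = set()
    for _ in true_values:
        sk, pk = keygen(rng)
        while pk in used:          # toy group is tiny; real groups never collide
            sk, pk = keygen(rng)
        used.add(pk)
        keys.append((sk, pk))
    messages = [(pk, randomized_response(x, k, eps, rng))
                for (_, pk), x in zip(keys, true_values)]

    # 2. Shuffler: a uniformly random permutation unlinks reports from senders.
    shuffled = list(messages)
    rng.shuffle(shuffled)

    # 3. Server: computes over anonymous reports, encrypts output i to the key
    #    that arrived with report i, and posts (pk, ciphertext) pairs.
    outputs = rank_outputs([m for _, m in shuffled])
    bulletin = [(pk, encrypt(pk, out + 1, rng))      # +1 keeps plaintext non-zero
                for (pk, _), out in zip(shuffled, outputs)]

    # 4. Users: pick the entry under their own one-time key and decrypt.
    results = []
    for sk, pk in keys:
        ct = next(c for pk_b, c in bulletin if pk_b == pk)
        results.append(decrypt(sk, ct) - 1)
    return results


if __name__ == "__main__":
    rng = random.Random(7)
    values = [3, 0, 2, 1, 2]                         # constructed sample inputs
    print("eps=30 (near-exact):", pic_round(values, 4, 30.0, rng))
    print("eps=0.5 (noisy):    ", pic_round(values, 4, 0.5, rng))
```

With a large eps the decrypted ranks match the ranks of the true values; with a small eps the reported values (and therefore the ranks computed from them) are noisy, which is the utility cost a better randomizer such as the paper's Minkowski Response is meant to reduce.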