This work addresses the problem of answering counting queries over quantum-encoded datasets under differential privacy. By reformulating such queries as amplitude estimation tasks distinguishing between two orthogonal quantum states, the authors construct the first differentially private quantum protocol for counting queries, combining repeated computational-basis measurements with classical amplitude estimation algorithms. The key contributions include demonstrating that quantum randomness, amplified through repeated measurements, inherently enhances privacy guarantees; deriving a tight bound on global sensitivity tailored to counting queries; and designing an efficient protocol amenable to blind execution on a quantum server. Compared to generic query mechanisms, the proposed approach achieves a significantly improved trade-off between privacy and utility.

Differential privacy is a mathematical notion of data privacy that has fast become the de facto standard in privacy-preserving data analysis. Recently a lot of work has focused on differential privacy in the quantum setting. Continuing on this line of study, we investigate how to answer counting queries on a quantum encoded dataset with differential privacy. An example of a counting query is ``How many people in the dataset are over the age of 25 and with a university education?'' Counting queries form the most basic but nonetheless rich set of statistics extractable from a dataset. We show that answering these queries on a quantum encoded dataset reduces to measuring the amplitude of one of two orthogonal states. We then analyze the differential privacy properties of two algorithms from literature to measure amplitude: one which performs repeated measurements in the computational basis, and the other which utilizes the classic amplitude estimation algorithm. For the first technique, we prove privacy results for the case of counting queries that improve on previously known results on general queries, and show that the mechanism in fact \emph{amplifies} privacy due to inherent randomness. For the second method, we derive a tight bound on maximum possible change in the amplitude if we add or remove a single item in the dataset, a quantity called global sensitivity which is central in making an algorithm differentially private. We then show a differentially private version of the amplitude estimation algorithm for counting queries. We also discuss how these methods can be outsourced to a quantum server to blindly compute counting queries with differential privacy.