Differential privacy (DP) is a mathematical definition of privacy that can be widely applied when publishing data. DP has been recognized as a potential means of adhering to various privacy-related legal requirements. However, it can be difficult to reason about whether DP may be appropriate for a given context due to tensions that arise when it is brought from theory into practice. To aid policymaking around privacy concerns, we identify three categories of challenges to understanding DP along with associated questions that policymakers can ask about the potential deployment context to anticipate its impacts.
Abdu et al. (2024). Algorithmic Transparency and Participation through the Handoff Lens: Lessons Learned from the US Census Bureau’s Adoption of Differential Privacy. In The 2024 ACM Conference on Fairness, Accountability, and Transparency (pp. 1150–1162).
2.
Abowd et al. (2022). The 2020 census disclosure avoidance system topdown algorithm. In Harvard Data Science Review.
3.
Bailie et al. (2023). Can swapping be differentially private? A refreshment stirred, not shaken.
4.
Benthall, S., & Cummings, R. (2024). Integrating differential privacy and contextual integrity. In ACM Symposium on Computer Science and Law (pp. 9–15).
5.
boydD.SarathyS. (2022). Differential perspectives: Epistemic disconnects surrounding the US Census Bureau’s use of differential privacy. In Harvard Data Science Review.
Christ et al. (2022). Differential privacy and swapping: Examining de-identification’s impact on minority representation and privacy preservation in the us census. In 2022 IEEE symposium on security and privacy (SP) (pp. 457–472). IEEE.
8.
Citron, D. K., & Solove, D. J. (2022). Privacy harms. BUL Rev, 793.
9.
Clarke (2008). Possibilistic thinking: A new conceptual tool for thinking about extreme events. In Social Research (pp. 669–690).
10.
Cohen et al. (2022). “Census topdown: The impacts of differential privacy on redistricting.” In: arXiv preprint arXiv:2203.05085.
11.
Cummings, R., & Desai, D. (2018). The role of differential privacy in GDPR compliance. In FAT’18: Proceedings of the Conference on Fairness, Accountability, and Transparency (pp. 20).
12.
Cummings et al. (2024). “Comment on “NIST SP 800-226: Guidelines for Evaluating Differential Privacy Guarantees”.” In: (2024).
13.
Dankar, F. K., & El Emam, K. (2013). Practicing differential privacy in health care: A review. In Trans. Data Priv. (pp. 35–67).
14.
DworkA.RothC. (2014). The algorithmic foundations of differential privacy. In Foundations and Trends® in Theoretical Computer Science (pp. 211–407).
15.
Dwork et al. (2006). Calibrating noise to sensitivity in private data analysis. In Theory of Cryptography: Third Theory of Cryptography Conference, TCC 2006, New York, NY, USA, March 4–7, 2006. Proceedings 3 (pp. 265–284). Springer.
16.
Dwork et al. (2019). Differential privacy in practice: Expose your epsilons!. Journal of Privacy and Confidentiality.
17.
Eyal (2019). The crisis of expertise. John Wiley & Sons.
18.
Ficek et al. (2021). Differential privacy in health research: A scoping review.Journal of the American Medical Informatics Association, 2269–2276.
19.
Garfinkel, S. L., Abowd, J. M., & Powazek, S. (2018). Issues encountered deploying differential privacy. In Proceedings of the 2018 Workshop on Privacy in the Electronic Society (pp. 133–137).
20.
Hod, S., & Canetti, R. (2024). “Differentially Private Release of Israel’s National Registry of Live Births.” In: arXiv preprint arXiv:2405.00267(2024).
21.
Hotz et al. (2022). Balancing data privacy and usability in the federal statistical system. Proceedings of the National Academy of Sciences.
22.
Jarmin et al. (2023). An in-depth examination of requirements for disclosure risk assessment.Proceedings of the National Academy of Sciences.
23.
Kasiviswanathan et al. (2011). What can we learn privately?SIAM Journal on Computing, 793–826.
24.
Kenny et al. (2021). The use of differential privacy for census data and its impact on redistricting: The case of the 2020 US Census. Science advances.
25.
Kenny et al. (2024). Evaluating bias and noise induced by the US Census Bureau’s privacy protection methods. In Science Advances.
Machanavajjhala et al. (2007). l-diversity: Privacy beyond k-anonymity. In Acm transactions on knowledge discovery from data (tkdd).
28.
Mann et al. (2023). “Combining observational and experimental data for causal inference considering data privacy.” In: arXiv preprint arXiv:2308.02974.
29.
Manski (2020). The lure of incredible certitude. In Economics & Philosophy (pp. 216–245).
30.
McClure, D., & Reiter, J. P. (2012). Differential Privacy and Statistical Disclosure Risk Measures: An Investigation with Binary Synthetic Data. Trans. Data Priv, 535–552.
31.
McGeeney et al. (2019). 2020 Census Barriers, Attitudes, and Motivators Study Survey Report. Washington, DC: US Census Bureau.
32.
Nanayakkara et al. (2022). Visualizing privacy-utility trade-offs in differentially private data releases. In Proceedings on Privacy Enhancing Technologies (pp. 601–618).
33.
Nanayakkara et al. (2023). What Are the Chances? Explaining the Epsilon Parameter in Differential Privacy. In 32nd USENIX Security Symposium (USENIX Security 23) (pp. 1613–1630). USENIX Association. isbn: 978-1-939133-37-3. url: https://www.usenix.org/conference/usenixsecurity23/presentation/nanayakkara.
34.
Nanayakkara et al. (2024) Measure-Observe-Remeasure: An Interactive Paradigm for Exploratory Analysis Under Differential Privacy. In: IEEE Symposium on Security & Privacy (pp. 231–231).
35.
NanayakkaraP.HullmanJ. (2022). What’s driving conflicts around differential privacy for the US census. In IEEE Security & Privacy (pp. 33–42).
36.
Near, J., & Darais, D. (2023). Guidelines for Evaluating Differential Privacy Guarantees. Tech. rep. National Institute of Standards and Technology.
37.
NeumannV.MorgensternO. (1944). Theory of games and economic behavior. Princeton University Press.
38.
Pujol et al. (2020). Fair decision making using privacy-protected data. In Proceedings of the 2020 Conference on Fairness, Accountability, and Transparency (pp. 189–199).
39.
Reiter (2005). Estimating risks of identification disclosure in microdata. In Journal of the American Statistical Association (pp. 1103–1112).
40.
Samarati, P., & Sweeney, L. (1998). Generalizing data to provide anonymity when disclosing information. In PODS (pp. 10–1145).
41.
Sarathy. (2022). “From algorithmic to institutional logics: the politics of differential privacy.” In: Available at SSRN 4079222 (2022).
42.
Sarathy et al. (2023). Don’t look at the data! How differential privacy reconfigures the practices of data science. In Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems (pp. 1–19).
43.
Savage (1954). The foundation of statistics. John Wiley & Sons.
44.
Schoeman (1984). Philosophical dimensions of privacy: An anthology. Cambridge University Press.
45.
Sciences Engineering et al. (2020). 2020 Census Data Products: Data Needs and Privacy Considerations: Proceedings of a Workshop. Ed. by Cork et al. The National Academies Press. isbn: 978-0-309-68484-2. https://doi.org/10.17226/25978.
46.
Seeman, J., & Susser, D. (2024). Between privacy and utility: On differential privacy in theory and practice. In ACM Journal on Responsible Computing (pp. 1–18).
47.
Shokri et al. (2017). Membership inference attacks against machine learning models. In 2017 IEEE symposium on security and privacy (SP) (pp. 3–18). IEEE.
48.
Sim et al. (2023). A Scalable Inclusive Security Intervention to Center Marginalized & Vulnerable Populations in Security & Privacy Design. In: Proceedings of the 2023 New Security Paradigms Workshop (pp. 102–115).
49.
Smart et al. (2022). Understanding risks of privacy theater with differential privacy. In Proceedings of the ACM on Human-Computer Interaction (pp. 1–24).
50.
Steed, R., & Acquisti, A. (2024). Adoption of 'Privacy-Preserving' Analytics: Drivers, Designs, & Decoupling. In SSRN (preprint).
51.
Steed et al. (2022). Policy impacts of statistical uncertainty and privacy. Science, 928–931.
52.
Wood et al. (2018). Differential privacy: A primer for a non-technical audience.Vand. J. Ent. & Tech. L., 209.
53.
Xiong et al. (2020). Towards Effective Differential Privacy Communication for Users’ Data Sharing Decision and Comprehension. In 2020 IEEE Symposium on Security and Privacy (SP) (pp. 392–410). IEEE.
