What is Differential Privacy?

Definition, Framework 

Privacy Threats

Membership Disclosure

Being able to tell that a person is in (or not in) a dataset.  It impact confidentiality.

Identity Disclosure

Being able to tell the identity of the person to whom the record corresponds (anonymity)

Attribute  Disclosure

Being able to tell that a person has a specific (sensitive) attribute

Attribute  Disclosure

Being able to tell that a person has a specific (sensitive) attribute

Inference Threat

Being able to tell something new (undisclosed) about a person

Privacy by design

Privacy principles need to be built into everyday operations.  These should shift the burden of protecting private information from individual users and consumers to business entities.   Privacy. by design has been accepted internationally e.g. GDPR and USA has special regulations related to it.

Privacy Principles

• Privacy should be embedded into design

• Privacy protection should be Proactive not reactive

• Provide default setting for privacy

• Provide visibility and Transparency

• End to end security should be enabled

• Use Positive-sum Philosophy

Other things to consider

• Privacy is not a one time problem, it is ongoing endeavor.

• Application and product design should think about privacy requirement from beginning.  It should not be after thought. Privacy should be embedded into design and should not be add on.

• Do not wait till end and take action after the breach.  Be proactive and design privacy from beginning.  Take corrective measure if breach occur.

• A product out of box should be privacy aware and should protect individual.  There need to be opt out mechanism if product is collecting data. 

• Pay even more attention to government data.

Privacy Paradox

What information people consider private?

How much value people give to Privacy?

How do people manage privacy uncertainty?

what is ideal privacy vs practical?

What survey method and information collection method are appropriate?

Information asymmetry

Privacy Summary

1. Personal right to be left alone

2. Person right to control their information

3. Personal right to be let alone

4. Person right to have secrecy

5. Right for autonomous decision making

Privacy Design

Privacy design should  consider following

1. Privacy laws

2. Boundary regulations

3. Anonymity need

4. Confidentiality need

5. controls need

6. Differential Privacy

Privacy Tools

1. Analytical

2. Contextual Integrity

3. Taxonomy of harms

Privacy protect from internal employees

• Make information available to employee on need basis

• Have audit procedure and review

• Segregate data so that employee can only access small slice on need basis

• Fix issue - if employees have access to too much information

Workshop Agenda

Sure, here is an agenda for a 2-week class on differential privacy for business and technical users:

Week 1

• Day 1: Introduction to differential privacy

  • What is differential privacy?

  • Why is differential privacy important?

  • How does differential privacy work?

  • Overview of Algorithms

• Day 2: Differential privacy in practice

  • How to use differential privacy to protect privacy in machine learning

  • Case studies of differential privacy in practice

• Day 3: Challenges of differential privacy

  • Limitations of differential privacy

  • How to overcome the limitations of differential privacy

Week 2

• Day 4: Advanced topics in differential privacy

  • Differential privacy for high-dimensional data

  • Differential privacy for streaming data

  • Differential privacy for federated learning

• Day 5: Ethical considerations of differential privacy

  • How to use differential privacy in a responsible way

  • The trade-off between privacy and utility

• Day 6: Final project

  • Students will develop a differential privacy algorithm to solve a real-world problem