Skip to main content

The Potential of Differential Privacy (decentriq)

The Expert Group took place as a virtual meeting on June 26, 2022.

Tim Geppert from ZHAW opened the meeting and introduced Andrew Knox from decentriq.
Andrew introduced the group to the basics of differential Privacy by giving an intuitive understanding of Differential Privacy.

The following paragraph highlights this information (The Reference to further information below)

To better understand how differential privacy works, we will use the example of the collaboration between the clothing brand and the digital newspaper. The first thing the brand wants to do with the digital newspaper data is understand how many users exist with similar interests as the cloth brand customers. Running these computations without any privacy control could easily allow the brand to single out specific newspaper customers as well as learning more than what they supposed to know about the reading habits of individual brand customers.

What Differential privacy says, is that for a given output, you are limited in how sure you are that a given input could have caused it. This privacy leakage limitation is the result of some noise being added at the process of asking each question. Practically this means that the (noisy) answer of the question brand is asking will be (almost) the same even if any single user was removed from the dataset completely. Consequently the clothing brand can never know if the result they got was coming from a dataset that included a specific user, effectively protecting the privacy of any specific individual. The tuning part comes into play when we talk about the amount of noise you can add to each answer.

The amount of noise is determined by the parameter ε (epsilon). The lower the ε the noisier the data is (and more private). However, a differential private system is not only adding noise, but is able to use the knowledge of ε to optimize the utility of the data by factoring the noise in the aggregate calculations. Determining the right ε in a Differentially private system is a non-trivial task and most of the time because it implies that the data owner is knowledgable about the privacy risks that the specific ε number entails and what level of risk they are comfortable undertaking.

Following the talk the participants discussed the opportunities and challanges of this privacy enhancing technology and possible industry use cases. Here a key takeaway was that Differential Privacy allows organizations to take more informed decisions about their data privacy, but the privacy/utility trade off still exists.

If you like to get more information about differential privacy read also the full introductory article by decentriq which provides additional insights about limitations and features of differential privacy