Report - Belfer Center for Science and International Affairs, Harvard Kennedy School

Technology Factsheet: Differential Privacy

Fall 2020


Executive Summary

Differential privacy is a safeguard used to protect an individual’s data privacy. It allows for the collection and publication of data patterns and trends while protecting the privacy of individuals captured in a dataset. Differential privacy is not a tool or method, but rather a criterion or a property that multiple methods can achieve. More specifically, it is a mathematical definition of privacy that quantifies privacy risk: an analysis is differentially private if the probability of any given output changes by at most a small, bounded factor when any one individual’s record is added to or removed from the dataset. That bound is set by a maximum level of privacy loss, called the privacy loss parameter (commonly written ε). Methods that meet the definition add carefully calibrated random noise to the results of an analysis (or, in some designs, to the data before it is analyzed) so that the bound holds, while maintaining the utility and accuracy of the dataset as a whole.

Differential privacy has clear benefits, particularly that it is robust against a wide range of privacy attacks, including attacks that combine a release with outside information. Additionally, it is transparent: the method used and the privacy loss parameter chosen can be published openly, and information about the data analyses can be shared, without negatively affecting individual privacy. It also allows for transparency regarding the margin of error, uncertainty, and other variables that most statistical disclosure limitation techniques do not allow for. As a result, differential privacy has significant potential to enable wide access to data that previously could not be shared, including sensitive data such as medical or financial data.

While these benefits exist, there are also several challenges associated with differential privacy. For example, differential privacy yields better accuracy for larger datasets than it does for smaller ones: the noise needed to protect one individual is roughly the same size regardless of how many people are in the dataset, so it is proportionally larger when the dataset is small. There are also no accepted guidelines for determining the privacy loss parameter, and as a result, companies are currently using differential privacy with weaker privacy protection (larger privacy loss parameters) than the research community finds acceptable. There are not many production-ready tools or expert practitioners available in this area yet. Even so, differential privacy has been growing in popularity. From the public sector to the private sector—including organizations like the U.S. Census Bureau, Google, Facebook, Uber, Amazon, and Microsoft—it is being leveraged to protect sensitive data against potential privacy attacks.
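The privacy loss parameter and the accuracy caveat above can be made concrete with a small worked example. The code below is an added illustration and is not part of the factsheet, nor code from any of the organizations it names. It assumes the simplest setting: a single counting query ("how many records satisfy a predicate?"), released with the Laplace mechanism, over constructed sample records. It checks two things directly: that for two datasets differing in one person the likelihood of any released value changes by at most a factor of e^ε, and that the same amount of noise is a much larger relative error on a dataset of 100 people than on one of 20,000.

```python
"""Added example: an epsilon-differentially-private count using the Laplace mechanism.

Illustration only; not code from the Belfer factsheet or from any organization it
mentions. All records are constructed inline.
"""
import math
import random


def laplace_noise(scale: float, rng: random.Random) -> float:
    """Draw one Laplace(0, scale) sample as the difference of two exponentials."""
    rate = 1.0 / scale
    return rng.expovariate(rate) - rng.expovariate(rate)


def dp_count(records, predicate, epsilon: float, rng: random.Random) -> float:
    """Release the number of records satisfying `predicate` under epsilon-DP.

    A count has global sensitivity 1: adding or removing one person changes it by
    at most 1. Laplace noise with scale 1/epsilon therefore satisfies the definition.
    """
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    true_count = sum(1 for r in records if predicate(r))
    return true_count + laplace_noise(1.0 / epsilon, rng)


def laplace_pdf(x: float, scale: float) -> float:
    return math.exp(-abs(x) / scale) / (2.0 * scale)


def worst_case_likelihood_ratio(epsilon: float, true_count: int = 50,
                                half_width: float = 40.0, step: float = 0.01) -> float:
    """Check the guarantee for neighbouring datasets with true counts c and c+1.

    For every possible released value x, the density ratio p(x | c) / p(x | c+1)
    (and its inverse) must be at most e^epsilon. Returns the largest ratio seen on
    a grid of outputs; the definition promises this never exceeds e^epsilon.
    """
    scale = 1.0 / epsilon
    worst = 0.0
    x = true_count - half_width
    while x <= true_count + half_width:
        ratio = laplace_pdf(x - true_count, scale) / laplace_pdf(x - (true_count + 1), scale)
        worst = max(worst, ratio, 1.0 / ratio)
        x += step
    return worst


def mean_abs_noise(epsilon: float, samples: int, seed: int) -> float:
    """Average magnitude of the added noise; its expectation is 1/epsilon."""
    rng = random.Random(seed)
    scale = 1.0 / epsilon
    return sum(abs(laplace_noise(scale, rng)) for _ in range(samples)) / samples


def mean_relative_error(n_records: int, epsilon: float, trials: int, seed: int) -> float:
    """Average |noisy - true| / true over repeated releases on a constructed dataset.

    The absolute noise does not depend on n_records, so the relative error shrinks
    as the dataset grows; this is the small-dataset accuracy problem.
    """
    rng = random.Random(seed)
    # Constructed sample data: (person_id, has_condition) pairs, about 30% positive.
    records = [(i, rng.random() < 0.3) for i in range(n_records)]
    has_condition = lambda r: r[1]
    true_count = sum(1 for r in records if has_condition(r))
    total_error = 0.0
    for _ in range(trials):
        total_error += abs(dp_count(records, has_condition, epsilon, rng) - true_count)
    return total_error / trials / true_count


if __name__ == "__main__":
    eps = 1.0
    print(f"e^epsilon = {math.exp(eps):.4f}, worst observed ratio = {worst_case_likelihood_ratio(eps):.4f}")
    print(f"mean |noise| at epsilon={eps}: {mean_abs_noise(eps, 5000, 3):.3f} (expected {1/eps:.3f})")
    print(f"relative error, 100 people:    {mean_relative_error(100, eps, 100, 7):.4f}")
    print(f"relative error, 20,000 people: {mean_relative_error(20000, eps, 100, 7):.6f}")
```

Lowering ε tightens the likelihood-ratio bound (stronger protection) but raises the noise scale 1/ε, which is exactly the trade-off the factsheet describes; a real deployment also has to account for the total privacy loss across every query answered from the same data, which this single-query example does not track.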

However, policy is falling short. Most existing privacy laws and regulations focus on personally identifiable data and rely on legal concepts that have less relevance to differential privacy. There are currently no guidelines, at a national or an international level, on how to safely implement differential privacy (or any other approach to digital privacy for that matter).

There is an urgent need, as well as a tremendous opportunity, to update the privacy framework, specifically to promote investment in and adoption of modern understandings of privacy and new tools for privacy protection, such as differential privacy. The U.S. has the opportunity to lead the way not just on the technology, but also on policy to ensure that differential privacy’s challenges are addressed—and its benefits are fully captured.

For Academic Citation: Gandhi, Raina. “Technology Factsheet: Differential Privacy.” Belfer Center for Science and International Affairs, Harvard Kennedy School, Fall 2020.
