The Differential Privacy Corner: What has the US Backed Itself Into?
An expanding body of data privacy research reveals that computational advances and ever-growing amounts of publicly retrievable data increase re-identification risks. Because of this, data publishers are realizing that traditional statistical disclosure limitation methods may not protect privacy....
Main Authors: | Amy O'Hara, Quentin Brummet |
---|---|
Format: | Article |
Language: | English |
Published: | Swansea University, 2019-11-01 |
Series: | International Journal of Population Data Science |
Online Access: | https://ijpds.org/article/view/1315 |
id |
doaj-e6cc24b032e340c2b13572dda3ff757f |
---|---|
record_format |
Article |
spelling |
doaj-e6cc24b032e340c2b13572dda3ff757f; 2020-11-25T00:43:36Z; eng; Swansea University; International Journal of Population Data Science; 2399-4908; 2019-11-01; 4; 3; 10.23889/ijpds.v4i3.1315; The Differential Privacy Corner: What has the US Backed Itself Into?; Amy O'Hara 0; Quentin Brummet 1; Georgetown University; NORC
An expanding body of data privacy research reveals that computational advances and ever-growing amounts of publicly retrievable data increase re-identification risks. Because of this, data publishers are realizing that traditional statistical disclosure limitation methods may not protect privacy.
This paper discusses the use of differential privacy at the US Census Bureau to protect the published results of the 2020 census. We first discuss the legal framework under which the Census Bureau intends to use differential privacy. The Census Act in the US states that the agency must keep information confidential, avoiding “any publication whereby the data furnished by any particular establishment or individual under this title can be identified.” The fact that Census may release fewer statistics in 2020 than in 2010 is leading scholars to parse the meaning of identification and reevaluate the agency’s responsibility to balance data utility with privacy protection.
We then describe technical aspects of the application of differential privacy in the U.S. Census. This data collection is enormously complex and serves a wide variety of users and uses -- 7.8 billion statistics were released using the 2010 US Census. This complexity strains the application of differential privacy to ensure appropriate geographic relationships, respect legal requirements for certain statistics to be free of noise infusion, and provide information for detailed demographic groups.
We end by discussing the prospects of applying formal mathematical privacy to other information products at the Census Bureau. At present, techniques exist for applying differential privacy to descriptive statistics, histograms, and counts, but are less developed for more complex data releases including panel data, linked data, and vast person-level datasets. We expect the continued development of formally private methods to occur alongside discussions of what privacy means and the policy issues involved in trading off protection for accuracy.
https://ijpds.org/article/view/1315 |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Amy O'Hara Quentin Brummet |
title |
The Differential Privacy Corner: What has the US Backed Itself Into? |
publisher |
Swansea University |
series |
International Journal of Population Data Science |
issn |
2399-4908 |
publishDate |
2019-11-01 |
url |
https://ijpds.org/article/view/1315 |