Episode 19. Explore the basics of differential privacy and its critical role in protecting individual anonymity. The hosts explain the latest guidelines and best practices in applying differential privacy to data for models such as AI. Learn how this method also makes sure that personal data remains confidential, even when datasets are analyzed or hacked.
Explore the basics of differential privacy and its critical role in protecting individual anonymity. The hosts explain the latest guidelines and best practices in applying differential privacy to data for models such as AI. Learn how this method also makes sure that personal data remains confidential, even when datasets are analyzed or hacked.
Show Notes
Intro and AI news (00:00)
What is differential privacy? (06:34)
- Differential privacy is a process for sensitive data anonymization that offers each individual in a dataset the same privacy they would experience if they were removed from the dataset entirely.
- NIST’s recent paper SP 800-226 IPD: “Any privacy harms that result form a differentially private analysis could have happened if you had not contributed your data”.
- There are two main types of differential privacy: global (NIST calls it Central) and local
Why should people care about differential privacy? (11:30)
- Interest has been increasing for organizations to intentionally and systematically prioritize the privacy and safety of user data
- Speed up deployments of AI systems for enterprise customers since connections to raw data do not need to be established
- Increase data security for customers that utilize sensitive data in their modeling systems
- Minimize the risk of sensitive data exposure for your data privileges - i.e. Don’t be THAT organization
Guidelines and resources for applied differential privacy
Practical examples of applied differential privacy (15:58)
- Continuous Features - cite: Dwork, McSherry, Nissim, and Smith’s 2006 seminal paper "Calibrating Noise to Sensitivity in Private Data Analysis”[2], introduces a concept called ε-differential privacy
- Categorical Features - cite: Warner (1965) created a randomized response technique in his paper titled: “Randomized Response: A Survey Technique for Eliminating Evasive Answer Bias”
Summary and key takeaways (23:59)
- Differential privacy is going to be a part of how many of us need to manage data privacy
- Data providers can’t provide us with anonymized data for analysis or when anonymization isn’t enough for our privacy needs
- Hopeful that cohort targeting takes over for individual targeting
- Remember: Differential privacy does not prevent bias!
What did you think? Let us know.
Do you have a question or a discussion topic for the AI Fundamentalists? Connect with them to comment on your favorite topics:
- LinkedIn - Episode summaries, shares of cited articles, and more.
- YouTube - Was it something that we said? Good. Share your favorite quotes.
- Visit our page - see past episodes and submit your feedback! It continues to inspire future episodes.