The Living Thing / Notebooks :

Differential privacy

Another thing I won’t have time to blog or fully understand, but will collect a few explanatory blog posts about for emergency cribbing.

Learning Statistics with Privacy, aided by the Flip of a Coin:

Let’s say you wanted to count how many of your online friends were dogs,
while respecting the maxim that, on the Internet,
nobody should know you’re a dog.
To do this, you could ask each friend to answer the question
“Are you a dog?” in the following way.
Each friend should flip a coin in secret,
and answer the question truthfully if the coin came up heads;
but, if the coin came up tails, that friend should always say “Yes”
Then you could get a good estimate of the true count from the
greater-than-half fraction of your friends that answered “Yes”.
However, you still wouldn’t know which of your friends was a dog:
each answer “Yes” would most likely be due to that friend’s coin flip coming
up tails.

NB this would need to be a weighted coin, or you don’t learn anything.

This has recently become particularly publicly interesting because the US census has fingered mathematical differential privacy methods for preserving literal citizen privacy. This has spawned some good layperson’s intrpoductions,

Alexandra Wood et al, Differential Privacy: A Primer for a Non-Technical Audience, and Mark Hansen has written an illlustrated explanation.

There is a fun paper arguing that Bayesian posterior sampling has certain differential privacy guarantees.