by sirgawain33 2334 days ago
I was curious how this application approached privacy budget management (e.g. how the privacy parameter ε is accounted for over multiple searches), but, flipping through the source, this application doesn't appear to use Differential Privacy at all.

The anonymization approach implemented is "generalization". Here's a test showing the outputs this app would produce:

https://github.com/abe-winter/arbout/blob/master/test/test_d...


you're right, edited the title
no wait, I'm not actually sure you're right

differential privacy is any search that protects individual inputs from disclosure

Differential Privacy is a mathematical property. Here is the precise definition:

https://en.wikipedia.org/wiki/Differential_privacy#Definitio...

One way to phrase it intuitively is "the probability of any particular output from two databases that differ by one element is almost the same". The bound on "almost" is captured by the privacy parameter ε.

One of the smoking guns that this algorithm is not differentially private is that the code doesn't import `random` anywhere! A differentially private algorithm is always going to be stochastic.
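The definition and the two points made in this thread (the ε-bounded probability ratio, and the budget accounting asked about in the first comment), worked through in code. This is an added example, not code from the thread or from the arbout repository; the salary database, the threshold and the budget values are constructed for illustration, and the Laplace mechanism is used as the standard stochastic release, not as anything the app implements.

```python
import math
import random

# Constructed example database: one salary per person (made-up values).
DATABASE = [52000, 61000, 58000, 75000, 49000]

# A neighbouring database: the same rows with one person (75000) removed.
NEIGHBOUR = DATABASE[:3] + DATABASE[4:]


def count_above(db, threshold):
    """Deterministic counting query: number of rows strictly above `threshold`.
    Adding or removing one person changes the answer by at most 1, so its
    sensitivity is 1."""
    return sum(1 for x in db if x > threshold)


def laplace_mechanism(db, query, sensitivity, epsilon, rng=random):
    """Release query(db) plus Laplace(sensitivity / epsilon) noise.
    The noise is a difference of two exponentials, which is Laplace-distributed;
    this is the stochastic step that the thread points out a DP algorithm must have."""
    scale = sensitivity / epsilon
    return query(db) + rng.expovariate(1 / scale) - rng.expovariate(1 / scale)


def laplace_cdf(x, scale):
    """CDF of the zero-centred Laplace distribution with the given scale."""
    if x < 0:
        return 0.5 * math.exp(x / scale)
    return 1.0 - 0.5 * math.exp(-x / scale)


def output_probability(db, query, sensitivity, epsilon, k):
    """P[round(laplace_mechanism(db)) == k], computed exactly from the CDF
    rather than estimated by sampling."""
    scale = sensitivity / epsilon
    centre = query(db)
    return laplace_cdf(k + 0.5 - centre, scale) - laplace_cdf(k - 0.5 - centre, scale)


def max_probability_ratio(db, neighbour, query, sensitivity, epsilon, outputs):
    """Largest P[M(db)=k] / P[M(neighbour)=k] (either direction) over `outputs`.
    The definition of epsilon-DP says this never exceeds exp(epsilon)."""
    worst = 0.0
    for k in outputs:
        p = output_probability(db, query, sensitivity, epsilon, k)
        q = output_probability(neighbour, query, sensitivity, epsilon, k)
        worst = max(worst, p / q, q / p)
    return worst


class PrivacyBudget:
    """Sequential composition: each release spends its epsilon from a fixed total,
    and releases are refused once the total is exhausted. This is the kind of
    accounting across multiple searches the first comment asked about."""

    def __init__(self, total_epsilon):
        self.total = total_epsilon
        self.spent = 0.0

    def release(self, db, query, sensitivity, epsilon, rng=random):
        if self.spent + epsilon > self.total + 1e-12:
            raise RuntimeError("privacy budget exhausted")
        self.spent += epsilon
        return laplace_mechanism(db, query, sensitivity, epsilon, rng)


if __name__ == "__main__":
    query = lambda db: count_above(db, 55000)
    eps = 0.5
    ratio = max_probability_ratio(DATABASE, NEIGHBOUR, query, 1, eps, range(-5, 12))
    print(f"worst output-probability ratio {ratio:.4f} <= e^eps {math.exp(eps):.4f}")
    budget = PrivacyBudget(1.0)
    rng = random.Random(0)
    for _ in range(2):
        print("noisy count:", round(budget.release(DATABASE, query, 1, eps, rng), 2))
    try:
        budget.release(DATABASE, query, 1, eps, rng)
    except RuntimeError as err:
        print("third query refused:", err)
```

A deterministic release, such as the generalization the app actually performs, assigns probability 1 to one output and 0 to every other, so the ratio in `max_probability_ratio` is unbounded for any neighbouring pair that changes the answer; that is the precise sense in which the absence of any randomness rules out differential privacy.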

I've removed refs to differential privacy from the repo -- I think you're right and I misused the term