Issues Encountered Deploying Differential Privacy
The paper highlights practical barriers that organizations such as statistical agencies face when implementing privacy-preserving technologies, offering incremental insights for real-world deployment.
The paper examines challenges in deploying differential privacy in practice, such as obtaining qualified personnel, setting privacy parameters, and aligning release mechanisms with user needs, based on the U.S. Census Bureau's experience.
When differential privacy was created more than a decade ago, the motivating example was statistics published by an official statistics agency. In attempting to transition differential privacy from the academy to practice, the U.S. Census Bureau has encountered many challenges unanticipated by differential privacy's creators. These challenges include obtaining qualified personnel and a suitable computing environment, the difficulty of accounting for all uses of the confidential data, the lack of release mechanisms that align with the needs of data users, the expectation on the part of data users that they will have access to micro-data, the difficulty in setting the value of the privacy-loss parameter, $\epsilon$ (epsilon), and the lack of tools and trained individuals to verify the correctness of differential privacy implementations.