Guidelines for Implementing and Auditing Differentially Private Systems
This work addresses the problem of ensuring robust privacy protections in data systems for developers and auditors, offering incremental guidelines based on existing differential privacy principles.
The paper tackles the challenge of implementing and auditing differentially private systems by providing a set of best practices, unit testing techniques, and guidelines for correct application and parameter settings, aimed at maximizing data utility while ensuring privacy.
Differential privacy is an information theoretic constraint on algorithms and code. It provides quantification of privacy leakage and formal privacy guarantees that are currently considered the gold standard in privacy protections. In this paper we provide an initial set of "best practices" for developing differentially private platforms, techniques for unit testing that are specific to differential privacy, guidelines for checking if differential privacy is being applied correctly in an application, and recommendations for parameter settings. The genesis of this paper was an initiative by Facebook and Social Science One to provide social science researchers with programmatic access to a URL-shares dataset. In order to maximize the utility of the data for research while protecting privacy, researchers should access the data through an interactive platform that supports differential privacy. The intention of this paper is to provide guidelines and recommendations that can generally be re-used in a wide variety of systems. For this reason, no specific platforms will be named, except for systems whose details and theory appear in academic papers.