A recent MIT Sloan Management Review article examines one of the chief privacy challenges of the digital age: as the amount of information companies collect increases, so too does the likelihood that personally identifiable information (PII) can be uncovered—regardless of how well those details are protected. 

Differential privacy, or DP, is emerging as a way for organizations to address this issue. DP rests on the principle that guaranteeing privacy requires sacrificing some accuracy in the data. The technique works by introducing small errors, known as statistical noise, either into the underlying data or when computing statistical results. Companies control how much statistical noise is added, which lets them decide how much accuracy they are willing to trade for stronger privacy.
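To make that tradeoff concrete, here is a minimal Python sketch of the Laplace mechanism, the standard way of adding statistical noise to a numerical result. The function name, example count, and epsilon values are illustrative; epsilon is the privacy budget, and smaller values mean more noise and stronger privacy.

```python
import numpy as np

def laplace_mechanism(true_value, sensitivity, epsilon):
    """Add Laplace noise scaled to sensitivity / epsilon.

    Smaller epsilon -> larger noise -> stronger privacy, lower accuracy.
    """
    return true_value + np.random.laplace(loc=0.0, scale=sensitivity / epsilon)

# A count over individuals has sensitivity 1: adding or removing one
# person changes the true result by at most 1.
true_count = 1200
for epsilon in (0.1, 1.0, 10.0):
    noisy = laplace_mechanism(true_count, sensitivity=1, epsilon=epsilon)
    print(f"epsilon={epsilon}: published count ~ {noisy:.1f}")
```

Running this a few times shows the tradeoff directly: at epsilon = 10 the published count barely moves, while at epsilon = 0.1 it can be off by dozens.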

Privacy researchers have developed three distinct models for using DP:

The Trusted Curator Model 

In this approach, the company applies noise to the statistical result it publishes for wider consumption. This can protect both data published externally and data used internally within the company. The U.S. Census Bureau uses the trusted curator model to publish privacy-protected information, and Uber employed it in a 2018 research project aimed at improving the customer experience.
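As a rough illustration, the sketch below models a trusted curator in Python: the raw records never leave the curator, and analysts receive only noise-protected query results. The class, query, and records are hypothetical, not drawn from the Census Bureau's or Uber's actual systems.

```python
import numpy as np

class TrustedCurator:
    """Holds the raw records; only noisy statistics ever leave this class."""

    def __init__(self, records, epsilon):
        self._records = records    # confidential underlying data
        self._epsilon = epsilon    # privacy budget for this query

    def noisy_count(self, predicate):
        # Counting queries have sensitivity 1, so Laplace noise with
        # scale 1 / epsilon provides epsilon-differential privacy.
        true_count = sum(1 for r in self._records if predicate(r))
        return true_count + np.random.laplace(scale=1.0 / self._epsilon)

# Analysts see only the noisy answer, never the records themselves.
curator = TrustedCurator([{"age": 34}, {"age": 61}, {"age": 29}], epsilon=1.0)
print(curator.noisy_count(lambda r: r["age"] >= 30))
```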

DP-Protected Synthetic Microdata 

Companies that apply the trusted curator model can also use this approach to enhance its effectiveness. Under this framework, the company builds a statistical model of the original data, then applies DP to it to produce a privacy-protected version. That protected model is used to generate synthetic individual records that look like real data and produce similar statistical results when analyzed, but that do not match any actual individual.
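One simple way to realize this, sketched below under the assumption that the statistical model is a histogram, is to add noise to the histogram and then sample synthetic records from it. The function name, bin count, and data are illustrative; real deployments use richer models.

```python
import numpy as np

def dp_synthetic_ages(ages, bins, epsilon, n_synthetic):
    """Fit a noisy histogram of the data, then sample synthetic records from it."""
    counts, edges = np.histogram(ages, bins=bins)
    # Add Laplace noise to each bin (a histogram has sensitivity 1), then
    # clip negatives and renormalize into a sampling distribution.
    noisy = counts + np.random.laplace(scale=1.0 / epsilon, size=counts.shape)
    noisy = np.clip(noisy, 0, None)
    probs = noisy / noisy.sum()
    # Draw synthetic records: pick a bin, then a uniform value inside it.
    chosen = np.random.choice(len(probs), size=n_synthetic, p=probs)
    return np.random.uniform(edges[chosen], edges[chosen + 1])

real_ages = np.random.normal(45, 12, size=1000).clip(18, 90)
synthetic = dp_synthetic_ages(real_ages, bins=20, epsilon=1.0, n_synthetic=1000)
print(synthetic.mean(), real_ages.mean())  # similar statistics, no real records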

The Local Model 

In this approach, statistical noise is added to each data record at the time of collection, before it is sent to analysts. Google originally used this method to produce statistics about Chrome users, such as their home pages, visited sites, and operating system processes, to improve malware blocking without collecting sensitive information. However, the company ultimately abandoned the approach because the amount of noise required degraded accuracy too much.
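Randomized response is the classic building block of the local model: each user perturbs their own answer before it is ever collected, and the analyst debiases the aggregate. The sketch below is a simplified illustration of that idea, not Google's actual RAPPOR mechanism; the truth probability and attribute are hypothetical.

```python
import random

def randomized_response(true_answer: bool, p_truth: float = 0.75) -> bool:
    """Each user flips their own bit with probability 1 - p_truth before
    sending it, so the collector never learns any individual's true value."""
    return true_answer if random.random() < p_truth else not true_answer

def estimate_rate(reports, p_truth: float = 0.75) -> float:
    """Debias the aggregate: observed = (2p - 1) * true_rate + (1 - p)."""
    observed = sum(reports) / len(reports)
    return (observed - (1 - p_truth)) / (2 * p_truth - 1)

# Simulate 100,000 users, 30% of whom have the sensitive attribute.
reports = [randomized_response(random.random() < 0.30) for _ in range(100_000)]
print(estimate_rate(reports))  # close to 0.30, despite per-user noise
```

Because every record is noisy, accurate estimates require very large populations, which is exactly the accuracy cost that led Google to abandon the approach.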

The DP Roadmap

DP is still in its infancy and is practical only for numerical statistics computed from confidential data. Because it can't yet protect text, photos, voice, or video, it isn't ready for the majority of business applications.

Even so, organizations can begin with small pilot projects to gain experience with the technology. The full article covers this and other DP considerations.