On June 13, 2016, at the Apple Worldwide Developers Conference, Craig Federighi, Apple's senior VP of software engineering, mentioned a particular kind of privacy-enhancing tool that would enable “crowdsourced learning” while keeping people’s information completely private. He was talking about differential privacy.
Although the concept is apparently not new, at least in the fields of statistics and mathematics, Apple announced it as a novel way of protecting people’s privacy. Since it was new to me, I got a copy of the original article featuring this concept and read through it.
In the words of the article’s authors (Cynthia Dwork, Frank McSherry, Kobbi Nissim and Adam Smith), “the goal of a privacy-preserving statistical database is to enable the user to learn properties of the population as a whole while protecting the privacy of the individual contributors”.
But how is this achieved? Again, in the authors’ words, “On input a query function f mapping databases to reals, the so-called true answer is the result of applying f to the database. To protect privacy, the true answer is perturbed by the addition of random noise generated according to a carefully chosen distribution, and this response, the true answer plus noise, is returned to the user”. Piece of cake! No? In other words, in differential privacy nobody actually looks at raw data: an interface sits between the data analyst and the raw data and ensures that privacy is maintained.
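To make the quoted mechanism concrete, here is a minimal sketch in Python of answering a counting query with Laplace noise, the distribution used in the original paper. The database, the predicate and the `private_count` helper are illustrative names of my own, not anything from Apple or the paper; the key idea is simply that the analyst receives the true answer plus noise, never the raw data.

```python
import math
import random

def laplace_noise(scale):
    # Sample from a Laplace(0, scale) distribution via inverse CDF
    u = random.random() - 0.5
    sign = 1 if u >= 0 else -1
    return -scale * sign * math.log(1 - 2 * abs(u))

def private_count(database, predicate, epsilon=1.0):
    # The "true answer": apply the query function f to the database
    true_answer = sum(1 for row in database if predicate(row))
    # A counting query has sensitivity 1 (one person changes the count
    # by at most 1), so noise with scale 1/epsilon suffices
    return true_answer + laplace_noise(1.0 / epsilon)

# Example: how many people in this (toy) database are over 40?
ages = [23, 45, 31, 67, 52, 29]
noisy = private_count(ages, lambda age: age > 40)
```

Smaller values of `epsilon` mean more noise and therefore stronger privacy, at the cost of a less accurate answer; that trade-off is the heart of the technique.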
How will this work exactly, and how will it protect users’ data? When introduced with macOS Sierra, the differential privacy algorithm will apparently come with an opt-in feature. The technique is expected to improve Apple’s text, emoji and link suggestions. It is also important to note that images stored by users will be off-limits and will not be used to improve image recognition algorithms.