Productionized Fairness Measurement Under Privacy Constraints

Natesh S. Pillai; Osonde A. Osoba; Saikrishna Badrinarayanan; Sakshi Jain; Varun Mithal; Yuzi He

arxiv: 2606.27558 · v1 · pith:PBR3HB4Wnew · submitted 2026-06-25 · 💻 cs.LG · cs.CR

Productionized Fairness Measurement Under Privacy Constraints

Osonde A. Osoba , Yuzi He , Saikrishna Badrinarayanan , Varun Mithal , Sakshi Jain , Natesh S. Pillai This is my paper

Pith reviewed 2026-06-29 01:34 UTC · model grok-4.3

classification 💻 cs.LG cs.CR

keywords privacy preservingfairness measurementrace ethnicitydifferential privacysecure computationhomomorphic encryptiondemographic estimation

0 comments

The pith

PPRE enables fairness measurements for race and ethnicity using privacy-preserving technologies on demographic estimators.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

This paper introduces Privacy-Preserving Probabilistic Race/Ethnicity Estimation, or PPRE, to support disaggregated fairness evaluations that depend on sensitive race and ethnicity signals. It layers secure two-party computation, differential privacy, and additive homomorphic encryption over the Bayesian Improved Surname Geocoding estimator and limited self-reported survey data. The approach is demonstrated for fairness measurements on both candidate and viewer sides. A reader would care because it shows how to satisfy privacy requirements while still producing actionable fairness metrics for US-based populations.

Core claim

PPRE applies privacy technologies (specifically: secure two-party computation, differential privacy, and additive homomorphic encryption) on top of two race/ethnicity demographic signal sources (the Bayesian Improved Surname Geocoding estimator and a sparse golden survey set of self-reported demographics) to power a fairness measurement solution with respect to US-based race/ethnicity demographics. The method details its privacy guarantees and applies to candidate- and viewer-side fairness measurements, closing with a transferable framework for similar privacy-preserving measurement infrastructure.

What carries the argument

PPRE, which integrates privacy-preserving computation techniques with probabilistic demographic estimation from surnames and surveys to enable protected fairness calculations.

If this is right

It supports fairness measurements without direct access to individual demographic data.
It maintains privacy guarantees through the specified technologies.
It can be transferred to other institutions for similar fairness infrastructure.
The framework applies to both candidate-side and viewer-side evaluations.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

Similar privacy layers could be added to other demographic or sensitive attribute estimations beyond race and ethnicity.
Production systems might adopt this to comply with regulations while auditing for bias.
Accuracy trade-offs could be quantified in future work to optimize the privacy-utility balance.

Load-bearing premise

The privacy technologies can be applied without reducing the statistical accuracy of the demographic signals below the level needed for meaningful fairness measurements.

What would settle it

A test where the privacy mechanisms cause the estimated fairness metrics to differ significantly from those computed with full access to the demographic data, rendering the measurements unreliable.

Figures

Figures reproduced from arXiv: 2606.27558 by Natesh S. Pillai, Osonde A. Osoba, Saikrishna Badrinarayanan, Sakshi Jain, Varun Mithal, Yuzi He.

**Figure 1.** Figure 1: PPRE system adversary from distinguishing BISG-estimated records from Self-ID records by inspecting probability values. In the flow diagram, (race p) denotes the probability vector race® p. 6.2 Secure Computation After data preparation, each party holds a private table. 𝑃1 holds rows (memid,race® p): member ID and six race/ethnicity probabilities. 𝑃2 holds rows (memid, ® values): member ID and test values.… view at source ↗

**Figure 2.** Figure 2: Comparing the cross-entropy of BISG variants against Self-ID survey responses on a member sub-sample. Lower is better. [PITH_FULL_IMAGE:figures/full_fig_p032_2.png] view at source ↗

read the original abstract

Fairness measurements in the form of disaggregated evaluations often rely on demographic signals that are legally constrained or culturally sensitive. Race and ethnicity signals are among the more difficult signals to curate and use for this task. This paper presents Privacy-Preserving Probabilistic Race/Ethnicity Estimation (PPRE) as a method for enabling fairness measurements with respect to race/ethnicity for U.S.\ LinkedIn members in a privacy-preserving manner. PPRE applies privacy technologies (specifically: secure two-party computation, differential privacy, and additive homomorphic encryption) on top of two race/ethnicity demographic signal sources (the Bayesian Improved Surname Geocoding estimator and a sparse golden survey set of self-reported demographics) to power a fairness measurement solution with respect to US-based race/ethnicity demographics. We detail its privacy guarantees and demonstrate its application on candidate- and viewer-side fairness measurements. We close with a transferable framework for institutions seeking to implement similar privacy-preserving measurement infrastructure.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

PPRE is a practical engineering description of layering 2PC, DP and homomorphic encryption on BISG plus surveys for LinkedIn fairness audits; the open question is whether the privacy layers leave the demographic estimates accurate enough to be actionable.

read the letter

The paper's core contribution is a deployed pipeline called PPRE that combines secure two-party computation, differential privacy, and additive homomorphic encryption with the Bayesian Improved Surname Geocoding estimator and a sparse self-reported survey set. It shows how this stack supports race/ethnicity disaggregated fairness measurements for U.S. LinkedIn members without exposing individual signals.

It does a clean job of spelling out the privacy guarantees and walking through two concrete use cases: candidate-side and viewer-side fairness. The closing section on a transferable framework is also useful for other organizations facing similar constraints.

The main soft spot is the accuracy claim. The central assumption is that the privacy mechanisms do not push the group proportion estimates far enough to flip or weaken downstream disparity conclusions. The abstract gives no error bounds, sensitivity numbers, or non-private baseline comparisons, so the full paper needs to supply those to make the claim convincing. If that analysis is missing or weak, the practical value drops.

This is aimed at industry teams doing responsible-AI measurement under privacy rules. It is the sort of concrete implementation paper that deserves a serious referee even if the novelty is mostly in the assembly rather than new primitives.

Referee Report

1 major / 0 minor

Summary. The manuscript presents Privacy-Preserving Probabilistic Race/Ethnicity Estimation (PPRE) as a method for enabling fairness measurements with respect to U.S. race/ethnicity demographics for LinkedIn members. PPRE layers secure two-party computation, differential privacy, and additive homomorphic encryption on the Bayesian Improved Surname Geocoding (BISG) estimator together with a sparse golden survey set of self-reported demographics. The paper states that it details the resulting privacy guarantees, demonstrates the approach on candidate- and viewer-side fairness measurements, and supplies a transferable framework for similar institutional implementations.

Significance. If the privacy mechanisms preserve sufficient statistical fidelity in the derived race/ethnicity distributions, the work would supply a concrete, production-ready template for performing disaggregated fairness audits when direct demographic signals are legally or culturally restricted.

major comments (1)

[Abstract] Abstract: the central claim that secure 2PC, DP, and additive homomorphic encryption can be applied to BISG and survey data while keeping the resulting probability distributions sufficiently faithful for downstream disparity calculations to remain meaningful is unsupported by any error bounds, sensitivity analysis, or empirical accuracy results; this directly bears on the weakest assumption that the estimates stay actionable.

Simulated Author's Rebuttal

1 responses · 0 unresolved

We thank the referee for their review and for highlighting the need to substantiate the fidelity of the privacy-preserving estimates. We address the single major comment below.

read point-by-point responses

Referee: [Abstract] Abstract: the central claim that secure 2PC, DP, and additive homomorphic encryption can be applied to BISG and survey data while keeping the resulting probability distributions sufficiently faithful for downstream disparity calculations to remain meaningful is unsupported by any error bounds, sensitivity analysis, or empirical accuracy results; this directly bears on the weakest assumption that the estimates stay actionable.

Authors: We agree that the manuscript as submitted does not supply explicit error bounds, sensitivity analysis, or direct empirical accuracy comparisons quantifying how the privacy layers affect the race/ethnicity probability distributions relative to non-private BISG. The current text focuses on privacy guarantees and application demonstrations, but these do not directly address statistical fidelity under the added mechanisms. We will revise the manuscript to include a new section (or subsection) that reports (i) analytic error bounds derived from the differential privacy and homomorphic encryption parameters, (ii) sensitivity analysis over key hyperparameters, and (iii) empirical accuracy results on held-out survey data comparing private versus non-private outputs. These additions will be referenced from the abstract. revision: yes

Circularity Check

0 steps flagged

No circularity: framework description relies on external privacy primitives and data sources

full rationale

The paper presents PPRE as an engineering composition of established privacy technologies (2PC, DP, homomorphic encryption) applied to the pre-existing BISG estimator and a sparse self-reported survey. No equations, fitted parameters, or derived predictions appear in the provided abstract or description. The central claim is a feasibility statement about layering known privacy mechanisms without reducing any output quantity to a redefinition or self-fit of its inputs. No self-citation is invoked as a uniqueness theorem or load-bearing justification for the method itself. The derivation chain is therefore self-contained against external benchmarks and receives the default non-circularity finding.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

Only the abstract is available; no free parameters, axioms, or invented entities are described.

pith-pipeline@v0.9.1-grok · 5712 in / 1063 out tokens · 30302 ms · 2026-06-29T01:34:18.171123+00:00 · methodology

discussion (0)

Reference graph

Works this paper leans on

39 extracted references · 7 canonical work pages

[1]

Airbnb. 2020. Measuring Discrimination on the Airbnb Platform. https://news.airbnb.com/measuring-discrimination-on-the-airbnb-platform/

2020
[2]

Rachad Alao, Miranda Bogen, Jingang Miao, Ilya Mironov, and Jonathan Tannen. 2021. How Meta is working to assess fairness in relation to race in the U.S. across its products and systems. https://ai.meta.com/research/publications/how-meta-is-working-to-assess-fairness-in-relation-to-race- in-the-us-across-its-products-and-systems/

2021
[3]

Saikrishna Badrinarayanan, Sakshi Jain, Osonde Osoba, Rahul Tandra, Miao Cheng, Ryan Rogers, and Natesh S. Pillai. 2024. Privacy-Preserving Race/Ethnicity Estimation for Algorithmic Bias Measurement in the U.S.arXiv preprint arXiv:2407.XXXXX(2024). Predecessor paper establishing the PPRE architecture

2024
[4]

Matthew Baird and Danielle Kavanagh-Smith. 2024. US Race/Ethnicity Work Trends: Leadership and Remote Work. https://economicgraph.linkedin. com/content/dam/me/economicgraph/en-us/PDF/us-race-and-ethnicity-work-trends.pdf

2024
[5]

Solon Barocas, Anhong Guo, Ece Kamar, Jacquelyn Krones, Meredith Ringel Morris, Jennifer Wortman Vaughan, W Duncan Wadsworth, and Hanna Wallach. 2021. Designing disaggregated evaluations of AI systems: Choices, considerations, and tradeoffs. InProceedings of the 2021 AAAI/ACM Conference on AI, Ethics, and Society. ACM, New York, NY, USA, 368–378

2021
[6]

Bernstein

Daniel J. Bernstein. 2006. Curve25519: New Diffie-Hellman Speed Records. InPublic Key Cryptography (PKC 2006). Springer, Berlin, Heidelberg, 207–228. https://doi.org/10.1007/11745853_14

work page doi:10.1007/11745853_14 2006
[7]

Prasad Buddhavarapu, Andrew Knox, Payman Mohassel, Shubho Sengupta, Erik Taubeneck, and Vlad Vlaskin. 2020. Private Matching for Compute. IACR Cryptology ePrint Archive2020 (2020), 599. https://eprint.iacr.org/2020/599

2020
[8]

Consumer Financial Protection Bureau. 2014. Using publicly available information to proxy for unidentified race and ethnicity: A methodology and assessment. https://files.consumerfinance.gov/f/201409_cfpb_report_proxy-methodology.pdf

2014
[9]

US Census Bureau. 2011. Summary File 1 Dataset. https://www.census.gov/data/datasets/2010/dec/summary-file-1.html

2011
[10]

US Census Bureau. 2016. Frequently Occurring Surnames from the 2010 Census. https://www.census.gov/topics/population/genealogy/data/2010_ surnames.html

2016
[11]

Jiahao Chen, Nathan Kallus, Xiaojie Mao, Geoffry Svacha, and Madeleine Udell. 2019. Fairness under unawareness: Assessing disparity when protected class is unobserved. InProceedings of the Conference on Fairness, Accountability, and Transparency. ACM, New York, NY, USA, 339–348

2019
[12]

Kevin DeLuca and John A Curiel. 2023. Validating the applicability of bayesian inference with surname and geocoding to congressional redistricting. Political Analysis31, 3 (2023), 465–471

2023
[13]

Cynthia Dwork, Frank McSherry, Kobbi Nissim, and Adam Smith. 2006. Calibrating noise to sensitivity in private data analysis. InProceedings of the Third Conference on Theory of Cryptography(New York, NY)(TCC’06). Springer-Verlag, Berlin, Heidelberg, 265–284. doi:10.1007/11681878_14

work page doi:10.1007/11681878_14 2006
[14]

Marc N Elliott, Peter A Morrison, Allen Fremont, Daniel F McCaffrey, Philip Pantoja, and Nicole Lurie. 2009. Using the Census Bureau’s surname list to improve estimates of race/ethnicity and associated disparities.Health Services and Outcomes Research Methodology9 (2009), 69–83

2009
[15]

2023.Measuring and mitigating racial disparities in tax audits

Hadi Elzayn, Evelyn Smith, Thomas Hertz, Arun Ramesh, Jacob Goldin, Daniel E Ho, and Robin Fisher. 2023.Measuring and mitigating racial disparities in tax audits. Stanford Institute for Economic Policy Research (SIEPR), Stanford, CA. 26 Osoba et al

2023
[16]

Alexandre Evfimievski, Johannes Gehrke, and Ramakrishnan Srikant. 2003. Limiting privacy breaches in privacy preserving data mining. In Proceedings of the Twenty-Second ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems(San Diego, California)(PODS ’03). Association for Computing Machinery, New York, NY, USA, 211–222. doi:10.1145/773153.773174

work page doi:10.1145/773153.773174 2003
[17]

2017.Analysis and comparative review of equality data collection practices in the European Union: Data collection in the field of ethnicity

Lilla Farkas. 2017.Analysis and comparative review of equality data collection practices in the European Union: Data collection in the field of ethnicity. Technical Report. European Commission, Directorate-General for Justice and Consumers, Luxembourg

2017
[18]

Huberman, Matthew K

Bernardo A. Huberman, Matthew K. Franklin, and Tad Hogg. 1999. Enhancing privacy and trust in electronic communities. InACM Conference on Electronic Commerce (EC ’99). ACM, New York, NY, USA, 78–86

1999
[19]

Kosuke Imai, Santiago Olivella, and Evan TR Rosenman. 2022. Addressing census data problems in race imputation via fully Bayesian Improved Surname Geocoding and name supplements.Science Advances8, 49 (2022), eadc9824

2022
[20]

Mihaela Ion, Ben Kreuter, Ahmet Erhan Nergiz, Sarvar Patel, Shobhit Saxena, Karn Seth, Mariana Raykova, David Shanahan, and Moti Yung. 2020. On Deploying Secure Computing: Private Intersection-Sum-with-Cardinality. InIEEE European Symposium on Security and Privacy (EuroS&P). IEEE, Genoa, Italy, 370–389

2020
[21]

Nathan Kallus, Xiaojie Mao, and Angela Zhou. 2022. Assessing algorithmic fairness with unobserved protected class using data combination. Management Science68, 3 (2022), 1959–1981

2022
[22]

Lee, Kobbi Nissim, Sofya Raskhodnikova, and Adam Smith

Shiva Prasad Kasiviswanathan, Homin K. Lee, Kobbi Nissim, Sofya Raskhodnikova, and Adam Smith. 2011. What can we learn privately?SIAM J. Comput.40, 3 (2011), 793–826. http://arxiv.org/abs/0803.0924

Pith/arXiv arXiv 2011
[23]

John Knowles, Nicola Persico, and Petra Todd. 2001. Racial Bias in Motor Vehicle Searches: Theory and Evidence.Journal of Political Economy109, 1 (2001), 203–229

2001
[24]

Blake Lawit and Ya Xu. 2023. Sharing LinkedIn’s Responsible AI Principles. https://www.linkedin.com/blog/member/trust-and-safety/responsible- ai-principles

2023
[25]

Yehuda Lindell. 2021. Secure multiparty computation.Commun. ACM64, 1 (2021), 86–96. https://doi.org/10.1145/3387108

work page doi:10.1145/3387108 2021
[26]

C. Meadows. 1986. A More Efficient Cryptographic Matchmaking Protocol for Use in the Absence of a Continuously Available Third Party. InIEEE Symposium on Security and Privacy. IEEE, Oakland, CA, 134–137

1986
[27]

Harvard School of Engineering and Applied Sciences. 2023. How Can Bias Be Removed from Artificial Intelligence-Powered Hiring Platforms? Harvard-led institute to pursue fairness in online systems. https://seas.harvard.edu/news/2023/06/how-can-bias-be-removed-artificial-intelligence- powered-hiring-platforms

2023
[28]

Office of Management and Budget. 1997. Revisions to the Standards for the Classification of Federal Data on Race and Ethnicity. https://www. federalregister.gov/documents/1997/10/30/97-28653/revisions-to-the-standards-for-the-classification-of-federal-data-on-race-and-ethnicity

1997
[29]

Office of Management and Budget. 2024. Revisions to OMB’s Statistical Policy Directive No. 15: Standards for Maintaining, Collecting, and Presenting Federal Data on Race and Ethnicity. https://www.federalregister.gov/documents/2024/03/29/2024-06469/revisions-to-ombs-statistical- policy-directive-no-15-standards-for-maintaining-collecting-and

2024
[30]

Pascal Paillier. 1999. Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. InAdvances in Cryptology (EUROCRYPT ’99). Springer, Berlin, Heidelberg, 223–238

1999
[31]

Benny Pinkas, Thomas Schneider, Christian Weinert, and Udi Wieder. 2018. Efficient Circuit-Based PSI via Cuckoo Hashing. InAdvances in Cryptology (EUROCRYPT 2018). Springer, Cham, 125–157

2018
[32]

Aaron Rieke, Vincent Southerland, Dan Svirsky, and Mingwei Hsu. 2022. Imperfect Inferences: A Practical Assessment. InProceedings of the 2022 ACM Conference on Fairness, Accountability, and Transparency. ACM, New York, NY, USA, 767–777

2022
[33]

Camelia Simoiu, Sam Corbett-Davies, and Sharad Goel. 2017. The Problem of Infra-Marginality in Outcome Tests for Discrimination.The Annals of Applied Statistics11, 3 (2017), 1193–1216

2017
[34]

Aditya Srinivas Timmaraju, Mehdi Mashayekhi, Mingliang Chen, Qi Zeng, Quintin Fettes, Wesley Cheung, Yihan Xiao, Manojkumar Rangasamy Kannadasan, Pushkar Tripathi, Sean Gahagan, et al. 2023. Towards Fairness in Personalized Ads Using Impression Variance Aware Reinforcement Learning. InProceedings of the 29th ACM SIGKDD Conference on Knowledge Discovery an...

2023
[35]

Konstantinos Tzioumis. 2018. Data for: Demographic aspects of first names. https://doi.org/10.7910/DVN/TYJKEZ. doi:10.7910/DVN/TYJKEZ

work page doi:10.7910/dvn/tyjkez 2018
[36]

Sarah Villeneuve and McKane Andrus. 2021. Fairer Algorithmic Decision-Making and Its Consequences: Interrogating the Risks and Benefits of Demographic Data Collection, Use, and Non-Use. https://partnershiponai.org/paper/fairer-algorithmic-decision-making-and-its-consequences/

2021
[37]

Ioan Voicu. 2018. Using first name information to improve race and ethnicity classification.Statistics and Public Policy5, 1 (2018), 1–13

2018
[38]

Stanley L Warner. 1965. Randomized Response: A Survey Technique for Eliminating Evasive Answer Bias.J. Amer. Statist. Assoc.60, 309 (1965), 63–69. https://doi.org/10.2307/2283137

work page doi:10.2307/2283137 1965
[39]

Andrew Chi-Chih Yao. 1982. Protocols for Secure Computations (Extended Abstract). In23rd Annual Symposium on Foundations of Computer Science (FOCS). IEEE, Washington, DC, USA, 160–164. https://doi.org/10.1109/SFCS.1982.38 A Cryptographic and Statistical Primitives This appendix provides complete formal definitions of the cryptographic and statistical prim...

work page doi:10.1109/sfcs.1982.38 1982

[1] [1]

Airbnb. 2020. Measuring Discrimination on the Airbnb Platform. https://news.airbnb.com/measuring-discrimination-on-the-airbnb-platform/

2020

[2] [2]

Rachad Alao, Miranda Bogen, Jingang Miao, Ilya Mironov, and Jonathan Tannen. 2021. How Meta is working to assess fairness in relation to race in the U.S. across its products and systems. https://ai.meta.com/research/publications/how-meta-is-working-to-assess-fairness-in-relation-to-race- in-the-us-across-its-products-and-systems/

2021

[3] [3]

Saikrishna Badrinarayanan, Sakshi Jain, Osonde Osoba, Rahul Tandra, Miao Cheng, Ryan Rogers, and Natesh S. Pillai. 2024. Privacy-Preserving Race/Ethnicity Estimation for Algorithmic Bias Measurement in the U.S.arXiv preprint arXiv:2407.XXXXX(2024). Predecessor paper establishing the PPRE architecture

2024

[4] [4]

Matthew Baird and Danielle Kavanagh-Smith. 2024. US Race/Ethnicity Work Trends: Leadership and Remote Work. https://economicgraph.linkedin. com/content/dam/me/economicgraph/en-us/PDF/us-race-and-ethnicity-work-trends.pdf

2024

[5] [5]

Solon Barocas, Anhong Guo, Ece Kamar, Jacquelyn Krones, Meredith Ringel Morris, Jennifer Wortman Vaughan, W Duncan Wadsworth, and Hanna Wallach. 2021. Designing disaggregated evaluations of AI systems: Choices, considerations, and tradeoffs. InProceedings of the 2021 AAAI/ACM Conference on AI, Ethics, and Society. ACM, New York, NY, USA, 368–378

2021

[6] [6]

Bernstein

Daniel J. Bernstein. 2006. Curve25519: New Diffie-Hellman Speed Records. InPublic Key Cryptography (PKC 2006). Springer, Berlin, Heidelberg, 207–228. https://doi.org/10.1007/11745853_14

work page doi:10.1007/11745853_14 2006

[7] [7]

Prasad Buddhavarapu, Andrew Knox, Payman Mohassel, Shubho Sengupta, Erik Taubeneck, and Vlad Vlaskin. 2020. Private Matching for Compute. IACR Cryptology ePrint Archive2020 (2020), 599. https://eprint.iacr.org/2020/599

2020

[8] [8]

Consumer Financial Protection Bureau. 2014. Using publicly available information to proxy for unidentified race and ethnicity: A methodology and assessment. https://files.consumerfinance.gov/f/201409_cfpb_report_proxy-methodology.pdf

2014

[9] [9]

US Census Bureau. 2011. Summary File 1 Dataset. https://www.census.gov/data/datasets/2010/dec/summary-file-1.html

2011

[10] [10]

US Census Bureau. 2016. Frequently Occurring Surnames from the 2010 Census. https://www.census.gov/topics/population/genealogy/data/2010_ surnames.html

2016

[11] [11]

Jiahao Chen, Nathan Kallus, Xiaojie Mao, Geoffry Svacha, and Madeleine Udell. 2019. Fairness under unawareness: Assessing disparity when protected class is unobserved. InProceedings of the Conference on Fairness, Accountability, and Transparency. ACM, New York, NY, USA, 339–348

2019

[12] [12]

Kevin DeLuca and John A Curiel. 2023. Validating the applicability of bayesian inference with surname and geocoding to congressional redistricting. Political Analysis31, 3 (2023), 465–471

2023

[13] [13]

Cynthia Dwork, Frank McSherry, Kobbi Nissim, and Adam Smith. 2006. Calibrating noise to sensitivity in private data analysis. InProceedings of the Third Conference on Theory of Cryptography(New York, NY)(TCC’06). Springer-Verlag, Berlin, Heidelberg, 265–284. doi:10.1007/11681878_14

work page doi:10.1007/11681878_14 2006

[14] [14]

Marc N Elliott, Peter A Morrison, Allen Fremont, Daniel F McCaffrey, Philip Pantoja, and Nicole Lurie. 2009. Using the Census Bureau’s surname list to improve estimates of race/ethnicity and associated disparities.Health Services and Outcomes Research Methodology9 (2009), 69–83

2009

[15] [15]

2023.Measuring and mitigating racial disparities in tax audits

Hadi Elzayn, Evelyn Smith, Thomas Hertz, Arun Ramesh, Jacob Goldin, Daniel E Ho, and Robin Fisher. 2023.Measuring and mitigating racial disparities in tax audits. Stanford Institute for Economic Policy Research (SIEPR), Stanford, CA. 26 Osoba et al

2023

[16] [16]

Alexandre Evfimievski, Johannes Gehrke, and Ramakrishnan Srikant. 2003. Limiting privacy breaches in privacy preserving data mining. In Proceedings of the Twenty-Second ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems(San Diego, California)(PODS ’03). Association for Computing Machinery, New York, NY, USA, 211–222. doi:10.1145/773153.773174

work page doi:10.1145/773153.773174 2003

[17] [17]

2017.Analysis and comparative review of equality data collection practices in the European Union: Data collection in the field of ethnicity

Lilla Farkas. 2017.Analysis and comparative review of equality data collection practices in the European Union: Data collection in the field of ethnicity. Technical Report. European Commission, Directorate-General for Justice and Consumers, Luxembourg

2017

[18] [18]

Huberman, Matthew K

Bernardo A. Huberman, Matthew K. Franklin, and Tad Hogg. 1999. Enhancing privacy and trust in electronic communities. InACM Conference on Electronic Commerce (EC ’99). ACM, New York, NY, USA, 78–86

1999

[19] [19]

Kosuke Imai, Santiago Olivella, and Evan TR Rosenman. 2022. Addressing census data problems in race imputation via fully Bayesian Improved Surname Geocoding and name supplements.Science Advances8, 49 (2022), eadc9824

2022

[20] [20]

Mihaela Ion, Ben Kreuter, Ahmet Erhan Nergiz, Sarvar Patel, Shobhit Saxena, Karn Seth, Mariana Raykova, David Shanahan, and Moti Yung. 2020. On Deploying Secure Computing: Private Intersection-Sum-with-Cardinality. InIEEE European Symposium on Security and Privacy (EuroS&P). IEEE, Genoa, Italy, 370–389

2020

[21] [21]

Nathan Kallus, Xiaojie Mao, and Angela Zhou. 2022. Assessing algorithmic fairness with unobserved protected class using data combination. Management Science68, 3 (2022), 1959–1981

2022

[22] [22]

Lee, Kobbi Nissim, Sofya Raskhodnikova, and Adam Smith

Shiva Prasad Kasiviswanathan, Homin K. Lee, Kobbi Nissim, Sofya Raskhodnikova, and Adam Smith. 2011. What can we learn privately?SIAM J. Comput.40, 3 (2011), 793–826. http://arxiv.org/abs/0803.0924

Pith/arXiv arXiv 2011

[23] [23]

John Knowles, Nicola Persico, and Petra Todd. 2001. Racial Bias in Motor Vehicle Searches: Theory and Evidence.Journal of Political Economy109, 1 (2001), 203–229

2001

[24] [24]

Blake Lawit and Ya Xu. 2023. Sharing LinkedIn’s Responsible AI Principles. https://www.linkedin.com/blog/member/trust-and-safety/responsible- ai-principles

2023

[25] [25]

Yehuda Lindell. 2021. Secure multiparty computation.Commun. ACM64, 1 (2021), 86–96. https://doi.org/10.1145/3387108

work page doi:10.1145/3387108 2021

[26] [26]

C. Meadows. 1986. A More Efficient Cryptographic Matchmaking Protocol for Use in the Absence of a Continuously Available Third Party. InIEEE Symposium on Security and Privacy. IEEE, Oakland, CA, 134–137

1986

[27] [27]

Harvard School of Engineering and Applied Sciences. 2023. How Can Bias Be Removed from Artificial Intelligence-Powered Hiring Platforms? Harvard-led institute to pursue fairness in online systems. https://seas.harvard.edu/news/2023/06/how-can-bias-be-removed-artificial-intelligence- powered-hiring-platforms

2023

[28] [28]

Office of Management and Budget. 1997. Revisions to the Standards for the Classification of Federal Data on Race and Ethnicity. https://www. federalregister.gov/documents/1997/10/30/97-28653/revisions-to-the-standards-for-the-classification-of-federal-data-on-race-and-ethnicity

1997

[29] [29]

Office of Management and Budget. 2024. Revisions to OMB’s Statistical Policy Directive No. 15: Standards for Maintaining, Collecting, and Presenting Federal Data on Race and Ethnicity. https://www.federalregister.gov/documents/2024/03/29/2024-06469/revisions-to-ombs-statistical- policy-directive-no-15-standards-for-maintaining-collecting-and

2024

[30] [30]

Pascal Paillier. 1999. Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. InAdvances in Cryptology (EUROCRYPT ’99). Springer, Berlin, Heidelberg, 223–238

1999

[31] [31]

Benny Pinkas, Thomas Schneider, Christian Weinert, and Udi Wieder. 2018. Efficient Circuit-Based PSI via Cuckoo Hashing. InAdvances in Cryptology (EUROCRYPT 2018). Springer, Cham, 125–157

2018

[32] [32]

Aaron Rieke, Vincent Southerland, Dan Svirsky, and Mingwei Hsu. 2022. Imperfect Inferences: A Practical Assessment. InProceedings of the 2022 ACM Conference on Fairness, Accountability, and Transparency. ACM, New York, NY, USA, 767–777

2022

[33] [33]

Camelia Simoiu, Sam Corbett-Davies, and Sharad Goel. 2017. The Problem of Infra-Marginality in Outcome Tests for Discrimination.The Annals of Applied Statistics11, 3 (2017), 1193–1216

2017

[34] [34]

Aditya Srinivas Timmaraju, Mehdi Mashayekhi, Mingliang Chen, Qi Zeng, Quintin Fettes, Wesley Cheung, Yihan Xiao, Manojkumar Rangasamy Kannadasan, Pushkar Tripathi, Sean Gahagan, et al. 2023. Towards Fairness in Personalized Ads Using Impression Variance Aware Reinforcement Learning. InProceedings of the 29th ACM SIGKDD Conference on Knowledge Discovery an...

2023

[35] [35]

Konstantinos Tzioumis. 2018. Data for: Demographic aspects of first names. https://doi.org/10.7910/DVN/TYJKEZ. doi:10.7910/DVN/TYJKEZ

work page doi:10.7910/dvn/tyjkez 2018

[36] [36]

Sarah Villeneuve and McKane Andrus. 2021. Fairer Algorithmic Decision-Making and Its Consequences: Interrogating the Risks and Benefits of Demographic Data Collection, Use, and Non-Use. https://partnershiponai.org/paper/fairer-algorithmic-decision-making-and-its-consequences/

2021

[37] [37]

Ioan Voicu. 2018. Using first name information to improve race and ethnicity classification.Statistics and Public Policy5, 1 (2018), 1–13

2018

[38] [38]

Stanley L Warner. 1965. Randomized Response: A Survey Technique for Eliminating Evasive Answer Bias.J. Amer. Statist. Assoc.60, 309 (1965), 63–69. https://doi.org/10.2307/2283137

work page doi:10.2307/2283137 1965

[39] [39]

Andrew Chi-Chih Yao. 1982. Protocols for Secure Computations (Extended Abstract). In23rd Annual Symposium on Foundations of Computer Science (FOCS). IEEE, Washington, DC, USA, 160–164. https://doi.org/10.1109/SFCS.1982.38 A Cryptographic and Statistical Primitives This appendix provides complete formal definitions of the cryptographic and statistical prim...

work page doi:10.1109/sfcs.1982.38 1982