pith. sign in

arxiv: 2211.03898 · v1 · pith:4PXQZUUFnew · submitted 2022-11-07 · 💻 cs.CR

Lessons Learned: Surveying the Practicality of Differential Privacy in the Industry

classification 💻 cs.CR
keywords privacydifferentialdataacrossadoptioncompaniesenterprisefindings
0
0 comments X
read the original abstract

Since its introduction in 2006, differential privacy has emerged as a predominant statistical tool for quantifying data privacy in academic works. Yet despite the plethora of research and open-source utilities that have accompanied its rise, with limited exceptions, differential privacy has failed to achieve widespread adoption in the enterprise domain. Our study aims to shed light on the fundamental causes underlying this academic-industrial utilization gap through detailed interviews of 24 privacy practitioners across 9 major companies. We analyze the results of our survey to provide key findings and suggestions for companies striving to improve privacy protection in their data workflows and highlight the necessary and missing requirements of existing differential privacy tools, with the goal of guiding researchers working towards the broader adoption of differential privacy. Our findings indicate that analysts suffer from lengthy bureaucratic processes for requesting access to sensitive data, yet once granted, only scarcely-enforced privacy policies stand between rogue practitioners and misuse of private information. We thus argue that differential privacy can significantly improve the processes of requesting and conducting data exploration across silos, and conclude that with a few of the improvements suggested herein, the practical use of differential privacy across the enterprise is within striking distance.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Within-Dataset Disclosure Risk for Differential Privacy

    cs.DB 2023-10 unverdicted novelty 5.0

    Derives a relative disclosure risk indicator (RDR) and algorithms for selecting epsilon in differential privacy based on within-dataset individual risks, plus a multi-query leakage bound.