During the 2023 OpenDP Community Meeting, one of the parallel breakout sessions focused on identifying best practices and choosing applications for DP. Named “Responsible Use of Differential Privacy”, the session was led by Alexandra Wood (Harvard University) and Jayshree Sarathy (Columbia University), who guided the group through an interactive session that discussed ethical frameworks for statistical analysis, identified resources and stakeholders, and brainstormed open problems and research questions.
Recap
The session began with a level-setting presentation that outlined key ethical frameworks, including the NIST privacy framework, the ASA ethical guidelines for statistical practice, and the chapter on “Designing Access with Differential Privacy.”
Alexandra and Jayshree then proceeded to lead the group through three exercises. First was a group discussion around worst-case scenarios and best-case scenarios for potential real-world applications of OpenDP. Some of the worst-case scenarios identified by the group were:
- The use of DP to determine health statistics on a small population, resulting in inaccurate results and negative health care outcomes,
- Analysts treating DP as a checkbox, but actually using OpenDP incorrectly by accessing and exposing sensitive information in their implementations,
- Institutions using DP to justify the collection of data, and then using the data for dangerous things.
One community member summarized that there can be intentional and unintentional misuses of DP. Education can help address unintentional misuses of DP, but intentional misuses are scarier and harder to prevent. For best-case scenarios, attendees brought up the following potential benefits of DP:
- DP can help democratize access to datasets, making it more likely to achieve scientific breakthroughs,
- DP can provide concrete value towards privacy, and can make it easier for people to value their privacy more,
- DP can help make science more transparent and replicable.
Next, the attendees were asked to form small groups to brainstorm resources and stakeholders around DP. What are resources from different fields that can inform the development of best practices for OpenDP usage? And who should be involved in determining these best practices? Attendees brainstormed several ideas, including the following:
- Resources: theories of participatory engagement and ethical use of technology from social science fields such as sociology, communication, technology studies, and media studies; historical development of tools and libraries from adjacent fields, such as cryptography; ongoing development of ethical frameworks for emerging technologies in the biotech space.
- Stakeholders: data subjects, data users including experts and non-experts, executives, lawyers, policymakers, civil rights advocates, and so on.
Finally, the session ended with a stakeholder mapping exercise. Attendees were asked to consider the OpenDP community’s responsibility to different groups: data subjects, data analysts, data providers, and our community. For each group, they were tasked with identifying concerns, interventions, risks or challenges, and open problems. An example was provided for data subjects:
- Concern: Trust in data curator
- Intervention: Providing algorithms in the local model of DP
- Risk or challenge: Verifying correct deployment of local DP
- Open problem: Incentivizing curators to use the local model given the loss in utility
This exercise led the group to touch on many different topics, including: stakeholder interests, financial incentives, academic incentives, accountability, privacy risk models, and system design artifacts.
After the session, the leaders of the two breakout groups recapped the sessions to the entire audience. One attendee pointed out that it would be interesting to discuss “Attacks,” the topic of the parallel breakout session, using the very ethical frameworks and exercises covered in the “Responsible Use” session.
The discussions from this breakout session continued long after the hour was up. Community members continued to talk about scenarios, resources, and stakeholder concerns and expressed interest in ongoing discussions regarding these topics. You can watch the session on the OpenDP YouTube channel here.
Next Steps
Building on the momentum from this session, the 2024 OpenDP Community Meeting will host a parallel breakout session and workshop called “DP Beyond Algorithms” to further discuss and develop frameworks for responsible use of DP. The parallel breakout session will be led by Rachel Cummings (Columbia University), Gabriel Kaptchuk (University of Maryland, College Park), Elissa Redmiles (Georgetown University), Priyanka Nanayakkara (Northwestern University), and Jayshree Sarathy (Columbia University).