Formal Privacy Models and Title 13

The US Bureau of the Census (BOC) collects large quantities of data that can be useful for research and decision making by policymakers, businesses, and academics. The BOC is responsible for analyzing and publishing useful statistical data. As much of the collected data pertain to individuals, households, and establishments, the BOC also has a legal obligation to protect their privacy. It is difficult and labor-intensive to determine with confidence that these two requirements—privacy and utility—have been satisfied.

This research project seeks to further the use of formal approaches such as differential privacy that have the potential to provide rigorous guarantees that legal requirements for privacy and utility are met. Applying such approaches requires (a) bridging legal privacy requirements with mathematical privacy requirements, and (b) designing analysis methods that provide statistical utility while satisfying the privacy requirements from (a). Our team has developed tools satisfying these two goals in the context of Harvard’s Privacy Tools project, and we seek to collaborate with BOC staff to develop similar solutions that are tailored to the bureau’s specific requirements.

We address two major challenges confronting wider adoption of formal privacy models: (a) There is a wide conceptual and practical gap between the approaches found in formal privacy models and the heuristic approaches in current use and contemplated by existing regulatory and policy frameworks. (b) There is a gap between theoretical developments showing that formal privacy models like differential privacy permit, in principle, a wide collection of analyses and the actual use of analysis and publication techniques by the BOC. This project will result in methods for publishing data in ways that satisfy both formal mathematical privacy requirements and legal standards for privacy protection, thereby furthering “improvements to existing methods that protect privacy, avoiding the release of any information that would identify an individual or business in public statistics.” 

This project is a cooperative agreement from the US Bureau of the Census.

Principal Investigators

Salil Vadhan

Salil Vadhan

Principal Investigator
Vicky Joseph Professor of Computer Science and Applied Mathematics, SEAS, Harvard

Audra McMillan

Postdoctoral Associate
Department of Computer Science, Boston University
College of Computer Science and Information Sciences, Northeastern University

Daniel Alabi

Graduate student, Computer Science, Theory Group
Harvard School of Engineering and Applied Sciences
Adam D. Smith

Adam D. Smith

Visiting Scholar, Center for Research on Computation & Society, 2013-2014
Associate Professor, Computer Science and Engineering, Pennsylvania State University
Past Personnel
Urs Gasser

Urs Gasser

Executive Director, Berkman Center for Internet & Society
Professor of Practice, Harvard Law School
Current Member of Datatags Team
Kobbi Nissim

Kobbi Nissim

Senior Research Fellow at Harvard University
Professor of Computer Science at Georgetown University


K. Nissim and U. Stemmer. 3/2017. “Concentration Bounds for High Sensitivity Functions Through Differential Privacy." arXiv VersionAbstractPDF

K. Nissim, T. Steinke, A. Wood, M. Altman, A. Bembenek, M. Bun, M. Gaboardi, D. O'Brien, and S. Vadhan. 3/2017. Differential Privacy: A Primer for a Non-technical Audience (Preliminary Version). Cambridge, MA: a product of the "Bridging Privacy Definitions" working group, part of the Privacy Tools for Sharing Research Data project at Harvard University. AbstractPDF.

V. Karwa, S. Vadhan.  Finite Sample Differentially Private Confidence Intervals.  In preparation.

T. Brawner, J. Honaker.  Bootstrap Inference and Differential Privacy.  In preparation.