The technical literature about data privacy largely consists of two complementary approaches: formal definitions conditions sufficient for preservation and attacks that demonstrate breaches. Differential is an accepted standard in the former sphere. However, differential privacy's powerful adversarial model worst-case guarantees may make it too stringent some situations, especially when achieving comes at a significant cost to utility. Meanwhile, aim expose real worrying risks associated with existing release processes but often face criticism being unrealistic. Moreover, on generally does not identify what properties are necessary defend against them. We address gap between these approaches by introducing demographic coherence, condition inspired we argue privacy. This captures violations arising from inferences individuals incoherent respect patterns data. Our framework focuses confidence rated predictors, which can turn be distilled almost any data-informed process. Thus, capture threats exist even no attack explicitly carried out. only provides algorithms analysed suggests natural experimental evaluation methodologies could used build practical intuition tangible assessment risks. Finally, coherence weaker than privacy: prove every differentially private also demographically coherent, there coherent private.

Load

Load