LOGBOOK

HELP

Quiz Entry - updated: 2026.05.31

How does Differential Privacy (DP) make individual contributions to a dataset unrecoverable?

DP adds carefully calibrated random noise to query results so that the presence or absence of any single individual changes the output only by a bounded amount — captured by a privacy budget ε (epsilon).

The intuition:

  • You ask a database "how many of these patients have disease X?"
  • The exact count would reveal individual contributions (if you re-ask after one person leaves, you learn their status).
  • DP returns "count + Laplace noise" — the noise is large enough that one person's data can't be inferred, but small enough that aggregate statistics are still useful.

The math (very simplified):

  • For a query with sensitivity Δ (the maximum any one individual can change the result), the noise scale is Δ/ε.
  • Smaller ε → more noise → stronger privacy but less accuracy.
  • Each query consumes part of a finite privacy budget; after enough queries, the dataset can no longer be queried.

Real-world deployments:

  • Apple — DP applied to iOS keyboard suggestions, emoji telemetry, Safari usage stats.
  • Google — Chrome usage telemetry (RAPPOR), federated learning aggregation.
  • US Census Bureau — 2020 Census published with DP-protected counts.

Common confusion:

  • "Anonymisation" = removing identifiers (name, address). Easily defeated by linkage attacks.
  • "Differential privacy" = mathematically bounding what can be inferred. Provably hard to defeat, even with auxiliary data.

Tip: DP is one of the few privacy notions with a clean mathematical guarantee instead of "we tried our best." When evaluating a privacy claim, ask "is there an explicit ε, and how was it chosen?" — vague "we use differential privacy" with no ε is marketing.

From Quiz: ISF / Cryptographic Protocols & Requirements | Updated: May 31, 2026