Since the advent of differential privacy, a number of systems supporting differentially private data analyses have been implemented and deployed. This article tracks real-world deployments, production software packages, and research prototypes.
Name | Organization | Year Introduced | Notes | Still in use? | |
---|---|---|---|---|---|
OnTheMap: Interactive tool for exploration of US income and commute patterns. [1] [2] | US Census Bureau | 2008 | First deployment of differential privacy | Yes | |
RAPPOR in Chrome Browser to collect security metrics [3] [4] | 2014 | First widespread use of local differential privacy | No | ||
Emoji analytics; analytics. Improve: QuickType, emoji; Spotlight deep link suggestions; Lookup Hints in Notes. Emoji suggestions, health type usage estimates, Safari energy drain statistics, Autoplay intent detection (also in Safari) [5] | Apple | 2017 | Yes | ||
Application telemetry [6] | Microsoft | 2017 | Application usage statistics Microsoft Windows. | yes | |
Flex: A SQL-based system developed for internal Uber analytics [7] [8] | Uber | 2017 | Unknown | ||
2020 Census [9] | US Census Bureau | 2018 | Yes | ||
Audience Engagement API [10] | 2020 | Yes | |||
Labor Market Insights [11] | 2020 | Yes | |||
COVID-19 Community Mobility Reports [12] | 2020 | Unknown | |||
Advertiser Queries [13] | 2020 | ||||
U.S. Broadband Coverage Data Set [14] | Microsoft | 2021 | Unknown | ||
College Scorecard Website | IRS and Dept. of Education | 2021 | Unknown | ||
Ohm Connect [15] | Recurve | 2021 | |||
Live Birth Dataset [16] [17] | Israeli Ministry of Health | 2024 | Yes |
These software packages purport to be usable in production systems. They are split in two categories: those focused on answering statistical queries with differential privacy, and those focused on training machine learning models with differential privacy.
Name | Developer | Year Introduced | Notes | Still maintained? |
---|---|---|---|---|
Google's differential privacy libraries [18] | 2019 | Building block libraries in Go, C++, and Java; end-to-end framework in Go,. [19] | Yes | |
OpenDP [20] | Harvard, Microsoft | 2020 | Core library in Rust, [21] SDK in Python with an SQL interface. | Yes |
Tumult Analytics [22] | Tumult Labs [23] | 2022 | Python library, running on Apache Spark. | Yes |
PipelineDP [24] | Google, OpenMined [25] | 2022 | Python library, running on Apache Spark, Apache Beam, or locally. | Yes |
PSI (Ψ): A Private data Sharing Interface | Harvard University Privacy Tools Project. [26] | 2016 | No | |
TopDown Algorithm [27] | United States Census Bureau | 2020 | Production code used in the 2020 US Census. | No |
Name | Developer | Year Introduced | Notes | Still maintained? |
---|---|---|---|---|
Diffprivlib [28] | IBM [29] | 2019 | Python library. | Yes |
TensorFlow Privacy [30] [31] | 2019 | Differentially private training in TensorFlow. | Yes | |
Opacus [32] | Meta | 2020 | Differentially private training in PyTorch. | Yes |
Name | Citation | Year Published | Notes |
---|---|---|---|
PINQ: An API implemented in C#. | [33] | 2010 | |
Airavat: A MapReduce-based system implemented in Java hardened with SELinux-like access control. | [34] | 2010 | |
Fuzz: Time-constant implementation in Caml Light of a domain-specific language. | [35] | 2011 | |
GUPT: Implementation of the sample-and-aggregate framework. | [36] | 2012 | |
KTELO: A framework and system for answering linear counting queries. | [37] | 2018 |
In addition to standard defects of software artifacts that can be identified using testing or fuzzing, implementations of differentially private mechanisms may suffer from the following vulnerabilities:
A recommender system, or a recommendation system, is a subclass of information filtering system that provides suggestions for items that are most pertinent to a particular user. Recommender systems are particularly useful when an individual needs to choose an item from a potentially overwhelming number of items that a service may offer.
In cryptography, a private information retrieval (PIR) protocol is a protocol that allows a user to retrieve an item from a server in possession of a database without revealing which item is retrieved. PIR is a weaker version of 1-out-of-n oblivious transfer, where it is also required that the user should not get information about other database items.
A smart contract is a computer program or a transaction protocol that is intended to automatically execute, control or document events and actions according to the terms of a contract or an agreement. The objectives of smart contracts are the reduction of need for trusted intermediators, arbitration costs, and fraud losses, as well as the reduction of malicious and accidental exceptions. Smart contracts are commonly associated with cryptocurrencies, and the smart contracts introduced by Ethereum are generally considered a fundamental building block for decentralized finance (DeFi) and NFT applications.
Differential privacy (DP) is an approach for providing privacy while sharing information about a group of individuals, by describing the patterns within the group while withholding information about specific individuals. This is done by making arbitrary small changes to individual data that do not change the statistics of interest. Thus the data cannot be used to infer much about any individual.
Patrick Eugene O'Neil was an American computer scientist, an expert on databases, and a professor of computer science at the University of Massachusetts Boston.
Air-gap malware is malware that is designed to defeat the air-gap isolation of secure computer systems using various air-gap covert channels.
Unums are a family of number formats and arithmetic for implementing real numbers on a computer, proposed by John L. Gustafson in 2015. They are designed as an alternative to the ubiquitous IEEE 754 floating-point standard. The latest version is known as posits.
Shai Halevi is a computer scientist who works on cryptography research at Amazon Web Services.
Intel Software Guard Extensions (SGX) is a set of instruction codes implementing trusted execution environment that are built into some Intel central processing units (CPUs). They allow user-level and operating system code to define protected private regions of memory, called enclaves. SGX is designed to be useful for implementing secure remote computation, secure web browsing, and digital rights management (DRM). Other applications include concealment of proprietary algorithms and of encryption keys.
RIPE Atlas is a global, open, distributed Internet measurement platform, consisting of thousands of measurement devices that measure Internet connectivity in real time.
Local differential privacy (LDP) is a model of differential privacy with the added requirement that if an adversary has access to the personal responses of an individual in the database, that adversary will still be unable to learn much of the user's personal data. This is contrasted with global differential privacy, a model of differential privacy that incorporates a central aggregator with access to the raw data.
Differentially private analysis of graphs studies algorithms for computing accurate graph statistics while preserving differential privacy. Such algorithms are used for data represented in the form of a graph where nodes correspond to individuals and edges correspond to relationships between them. For examples, edges could correspond to friendships, sexual relationships, or communication patterns. A party that collected sensitive graph data can process it using a differentially private algorithm and publish the output of the algorithm. The goal of differentially private analysis of graphs is to design algorithms that compute accurate global information about graphs while preserving privacy of individuals whose data is stored in the graph.
Runtime predictive analysis is a runtime verification technique in computer science for detecting property violations in program executions inferred from an observed execution. An important class of predictive analysis methods has been developed for detecting concurrency errors in concurrent programs, where a runtime monitor is used to predict errors which did not happen in the observed run, but can happen in an alternative execution of the same program. The predictive capability comes from the fact that the analysis is performed on an abstract model extracted online from the observed execution, which admits a class of executions beyond the observed one.
Proof of personhood (PoP) is a means of resisting malicious attacks on peer to peer networks, particularly, attacks that utilize multiple fake identities, otherwise known as a Sybil attack. Decentralized online platforms are particularly vulnerable to such attacks by their very nature, as notionally democratic and responsive to large voting blocks. In PoP, each unique human participant obtains one equal unit of voting power, and any associated rewards.
In type theory, session types are used to ensure correctness in concurrent programs. They guarantee that messages sent and received between concurrent programs are in the expected order and of the expected type. Session type systems have been adapted for both channel and actor systems.
Hertzbleed is a hardware security attack which describes exploiting dynamic frequency scaling to reveal secret data. The attack is a kind of timing attack, bearing similarity to previous power analysis vulnerabilities. Hertzbleed is more dangerous than power analysis, as it can be exploited by a remote attacker. Disclosure of cryptographic keys is the main concern regarding the exploit but other uses of the attack have been demonstrated since its initial discovery.
Anil Madhavapeddy is the Professor of Planetary Computing at the Department of Computer Science and Technology in the University of Cambridge, a Fellow of Pembroke College, Cambridge, and a J M Keynes Fellow. He is the Founding Director of the Cambridge Centre for Carbon Credits, aiming to distribute funds raised through the sale of carbon credits in a verifiable manner.
Soufflé is an open source parallel logic programming language, influenced by Datalog. Soufflé includes both an interpreter and a compiler that targets parallel C++. Soufflé has been used to build static analyzers, disassemblers, and tools for binary reverse engineering. Soufflé is considered by academic researchers to be high-performance and "state of the art," and is often used in benchmarks in academic papers.
Learned sparse retrieval or sparse neural search is an approach to text search which uses a sparse vector representation of queries and documents. It borrows techniques both from lexical bag-of-words and vector embedding algorithms, and is claimed to perform better than either alone. The best-known sparse neural search systems are SPLADE and its successor SPLADE v2. Others include DeepCT, uniCOIL, EPIC, DeepImpact, TILDE and TILDEv2, Sparta, SPLADE-max, and DistilSPLADE-max.
{{cite journal}}
: |last1=
has generic name (help)