Bridging Privacy Definitions: Differential Privacy and Privacy Concepts from Law and Policy

  • Starts: 12:30 pm on Monday, March 12, 2018
  • Ends: 2:00 pm on Monday, March 12, 2018
Interest in differential privacy is growing among policymakers and privacy practitioners as an approach to satisfying legal and policy requirements for privacy protection when using and sharing personal information. However, demonstrating that formal privacy models such as differential privacy satisfy legal requirements for privacy protection is a significant challenge due to conceptual gaps between the legal and technical definitions.

This presentation, given by Harvard Berkman Center fellow Alexandra Wood, will discuss how the use of differential privacy can be understood to be sufficient to satisfy a wide range of legal and policy requirements, despite these definitional gaps. It will draw from specific examples of privacy requirements from a selection of laws such as the Family Educational Rights and Privacy Act (FERPA), the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, Title 13 of the U.S. Code (governing the US Census Bureau), and the Confidential Information Protection and Statistical Efficiency Act (CIPSEA). Key concepts from these legal requirements that are found to be relevant to privacy in computation include personally identifiable information, de-identification, linkage, inference, identification risk, expert determination, consent and opting out, and purpose and access limitations.

While none of these legal and policy concepts refer directly to differential privacy, the differential privacy guarantee can be interpreted to address these concepts while accommodating differences in how they are defined and interpreted. A series of examples will be provided to show how policymakers and privacy practitioners can interpret the differential privacy guarantee as sufficient to satisfy legal and policy requirements that rely on these concepts. This approach can, in turn, guide practitioners in the future as they make decisions when analyzing and sharing statistical data about individuals, informing individuals about the privacy protection they will be afforded, and designing policies and regulations for robust privacy protection.

Please send your RSVP for this talk to Refreshments provided.
BUild Lab IDG Capital Student Innovation Center, 730 Commonwealth Avenue