September 6, 2019

Google Open Sources the Differential Privacy Library Used in its Core Products

"We’ve included a PostgreSQL extension along with common recipes"

By CBR Staff Writer

Google has open sourced the differential privacy library it uses to power some of its core products, the company said this week, making it available on GitHub.

A differential privacy library is used to query a database so that the results reveal as little information as possible about the individuals in the dataset.

Google’s release features a C++ library that developers can use to build their own tools and designs to aggregate data without the fear of de-anonymising data subjects.

The release comes amid a huge rise in the availability of public datasets that critics say are increasingly easy to de-anonymise: in July academics open sourced an algorithm that can identify over 99 percent of ostensibly anonymised US citizens from almost any available dataset, using just 15 demographic attributes.


This type of data analytics has an array of use cases. Google uses its own version of the library to show Google Maps users how popular dishes are at a restaurant, without exposing the customers who have ordered those dishes.

Miguel Guevara, Product Manager in Google's Privacy and Data Protection Office, notes that: “If you are a health researcher, you may want to compare the average amount of time patients remain admitted across various hospitals in order to determine if there are differences in care. Differential privacy is a high-assurance, analytic means of ensuring that use cases like this are addressed in a privacy-preserving manner.”

Differential Privacy Library RAPPOR

To help developers catch mistakes, Google has included the extensible ‘Stochastic Differential Privacy Model Checker library’ in the release.


The open sourced differential privacy library is designed to scale to developers’ needs, so they can add mechanisms such as aggregation functions or privacy budget management.

A key technique behind such databases is RAPPOR (Randomized Aggregatable Privacy-Preserving Ordinal Response), a differential privacy tool that adds white noise to the answers to any query asked of a database. Google uses it in Chrome, and it was open sourced in its own right in 2014.

The library will enable researchers and developers to run statistical operations such as calculating sums, medians and percentiles. Google has also included a PostgreSQL extension that lets users safely store and scale a SQL database, and has published common recipes to help developers get started.

In a technical paper, Google’s Wilson et al. write that they: “Express this method as an operator in relational algebra, and implement it in an SQL engine. To validate this system, we test the utility of typical queries on industry benchmarks, and verify its correctness with a stochastic test framework we developed.”

The library can be extended to include other functionalities such as additional mechanisms, aggregation functions, or privacy budget management.
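To make concrete what "adding noise to query answers", a bounded aggregation function and privacy budget management mean in practice, here is a small added illustration in Python; it is not code from Google's library and uses its own simplified budget accountant and a constructed list of hospital stay lengths (the health-research scenario quoted above). Each patient's contribution is clamped to a fixed range so that no single record can shift the sum by more than the range width (the query's sensitivity), the query is charged against an epsilon budget before it runs, and Laplace noise scaled to sensitivity/epsilon is added to the true sum.

```python
import math
import random


class PrivacyBudget:
    """Simplified epsilon accountant (an assumption of this example, not the library's API).
    Every query must be charged before it runs; once the budget is spent, queries are refused."""

    def __init__(self, total_epsilon: float):
        self.remaining = total_epsilon

    def spend(self, epsilon: float) -> None:
        if epsilon <= 0:
            raise ValueError("epsilon must be positive")
        if epsilon > self.remaining:
            raise RuntimeError("privacy budget exhausted; refusing query")
        self.remaining -= epsilon


def bounded_sum(values, lower: float, upper: float) -> float:
    """Clamp each individual's contribution to [lower, upper] so one record can move
    the total by at most (upper - lower); that bound is the sum's sensitivity."""
    return float(sum(min(max(v, lower), upper) for v in values))


def laplace_from_uniform(u: float, scale: float) -> float:
    """Map a uniform draw u in (0, 1) to a Laplace(0, scale) sample via the inverse CDF,
    so the noise is reproducible from a seeded generator."""
    u = min(max(u, 1e-12), 1.0 - 1e-12) - 0.5   # keep log() away from zero
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def dp_sum(values, lower, upper, epsilon, budget: PrivacyBudget, seed=None) -> float:
    """Differentially private sum: charge the budget, clamp contributions,
    then add Laplace noise with scale = sensitivity / epsilon."""
    budget.spend(epsilon)
    rng = random.Random(seed)
    sensitivity = upper - lower
    noise = laplace_from_uniform(rng.random(), sensitivity / epsilon)
    return bounded_sum(values, lower, upper) + noise


if __name__ == "__main__":
    # Constructed sample: days each patient stayed at one hospital (one record per person).
    stays = [2, 5, 1, 14, 3, 60, 7, 4]
    budget = PrivacyBudget(total_epsilon=1.0)
    print("true clamped total:", bounded_sum(stays, 0, 30))
    print("noisy total (eps=0.5):", dp_sum(stays, 0, 30, 0.5, budget, seed=7))
    print("budget remaining:", budget.remaining)
```

With the clamp in place a 60-day outlier counts as 30, and a second query costing more than the remaining 0.5 epsilon raises instead of leaking further information.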

