"I need a better description": An Investigation Into User Expectations For Differential Privacy

Rachel Cummings, Gabriel Kaptchuk, Elissa M. Redmiles. Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security.
Despite recent widespread deployment of differential privacy, relatively little is known about what users think of differential privacy. In this work, we seek to explore users' privacy expectations related to differential privacy. Specifically, we investigate (1) whether users care about the protections afforded by differential privacy, and (2) whether they are therefore more willing to share their data with differentially private systems. Further, we attempt to understand (3) users' privacy… 


SoK: Machine Learning Governance
The approach first systematizes research towards ascertaining ownership of data and models, thus fostering a notion of identity specific to ML systems, and uses identities to hold principals accountable for failures of ML systems through both attribution and auditing.
Visualizing Privacy-Utility Trade-Offs in Differentially Private Data Releases
Organizations often collect private data and release aggregate statistics for the public’s benefit. If no steps toward preserving privacy are taken, adversaries may use released statistics to deduce…


Towards Understanding Differential Privacy: When Do People Trust Randomized Response Technique?
It is found that allowing individuals to see the amount of obfuscation applied to their responses increased their trust in the privacy-protecting mechanism, and it is demonstrated that prudent privacy-related decisions can be cultivated with simple explanations of usable privacy.
Privacy policies as decision-making tools: an evaluation of online privacy notices
This paper evaluates the usability of online privacy policies, as well as the practice of posting them, and determines that significant changes need to be made to current practice to meet regulatory and usability requirements.
How Well Do My Results Generalize? Comparing Security and Privacy Survey Results from MTurk, Web, and Telephone Samples
These findings lend tempered support for the generalizability of prior crowdsourced security and privacy user studies; provide context to more accurately interpret the results of such studies; and suggest rich directions for future work to mitigate experience- rather than demographic-related sample biases.
"My Data Just Goes Everywhere:" User Mental Models of the Internet and Implications for Privacy and Security
A qualitative study to understand what people do and do not know about the Internet and how that knowledge affects their responses to privacy and security risks suggests a greater emphasis on policies and systems that protect privacy and security without relying too much on users' security practices.
Towards Effective Differential Privacy Communication for Users’ Data Sharing Decision and Comprehension
When shown descriptions that explain the implications instead of the definition/processes of DP or LDP technique, participants demonstrated better comprehension and showed more willingness to share information with LDP than with DP, indicating their understanding of LDP’s stronger privacy guarantee compared with DP.
Engineering Privacy
The paper uses a three-layer model of user privacy concerns to relate them to system operations and examine their effects on user behavior, and develops guidelines for building privacy-friendly systems.
Examining Internet privacy policies within the context of user privacy values
An examination of Internet users' major expectations about website privacy revealed a notable discrepancy between what privacy policies currently state and what users deem most significant, with suggestions for privacy managers and software project managers.
Differential Privacy: A Primer for a Non-Technical Audience
This primer aims to provide a foundation that can guide future decisions when analyzing and sharing statistical data about individuals, informing individuals about the privacy protection they will be afforded, and designing policies and regulations for robust privacy protection.
Home is safer than the cloud!: privacy concerns for consumer cloud storage
The results show that privacy requirements for consumer cloud storage differ from those of companies, and that cultural differences greatly influence user attitudes and beliefs, such as their willingness to store sensitive data in the cloud and their acceptance that law enforcement agencies monitor user accounts.
Differential Privacy and Social Science: An Urgent Puzzle
In the discussion around privacy risks and data protection, a large number of disciplines must band together to solve this urgent puzzle of the authors' time, including social science, computer science, ethics, law, and statistics, as well as public and private policy.