U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST SP 800-226 (Initial Public Draft)

Guidelines for Evaluating Differential Privacy Guarantees

Date Published: December 11, 2023
Comments Due: January 25, 2024
Email Comments to: privacyeng@nist.gov

Author(s)

Joseph Near (University of Vermont), David Darais (Galois)

Editor(s)

Naomi Lefkovitz (NIST), Gary Howarth (NIST)

Announcement

This publication is about differential privacy, a privacy-enhancing technology that quantifies privacy risk to individuals when their information appears in a dataset. In response to President Biden’s Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence, SP 800-226 is intended to help agencies and practitioners of all backgrounds—policy makers, business owners, product managers, IT technicians, software engineers, data scientists, researchers, and academics—better understand how to evaluate promises made (and not made) when deploying differential privacy, including for privacy-preserving machine learning. Additionally, there is a supplemental package of Python Jupyter notebooks that illustrate how to achieve differential privacy and other concepts described in the publication.

Submit comments by 11:59 p.m. EST on Thursday, January 25, 2024 to privacyeng@nist.gov. We encourage you to use this comment template.

Note to Reviewers

The authors welcome feedback on all aspects of this publication, particularly on the following questions:

  • Does this publication have a clear and appropriate scope?
  • Is this publication understandable for the intended audience?
  • Does publication provide a conceptual framework for understanding the uses and pitfalls of differential privacy? Is there any guidance that is not well-founded?
  • Is the differential privacy pyramid a helpful conceptual device?
  • Are the privacy hazards described accurately? Should additional hazards be added?
  • For topics where the research is inconclusive, were any key points missed from the literature?

NOTE: A call for patent claims is included on page ii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy Inclusion of Patents in ITL Publications.

Abstract

Keywords

anonymization; data analytics; data privacy; de-identification; differential privacy; privacy; privacy-enhancing technologies
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-226.ipd
Download URL

Supplemental Material:
Python Jupyter notebooks
Comment template (xlsx)

Document History:
12/11/23: SP 800-226 (Draft)

Topics

Security and Privacy

analytics, privacy

Applications

mathematics

Laws and Regulations

Executive Order 14110