Practical Data Privacy • Katharine Jarmul & Alyona Galyeva

Learn how to implement data privacy and differential privacy in practice, without getting lost in theoretical jargon.

Key takeaways
  • Data privacy is about understanding and implementing techniques to limit what can be learned from data, even with sensitive information removed.
  • Differential privacy is a technique to achieve privacy guarantees by adding noise to data, making it difficult to identify individuals.
  • Pseudonymization is a method to replace personal identifiers with pseudonyms, but it’s not foolproof and doesn’t provide strong guarantees.
  • Data governance is essential for implementing privacy engineering, and it’s often challenging to achieve in large organizations.
  • There’s a trade-off between accuracy and privacy, and data scientists need to work within this boundary.
  • Differential privacy is not necessary for all use cases, and organizations need to consider their specific needs and risks.
  • Implementing differential privacy requires expertise and should not be attempted without proper knowledge and experience.
  • Software engineers, infosec, and data folks need to work together to implement privacy engineering and differential privacy.
  • The book aims to provide a practical guide to data privacy, focusing on implementation and techniques rather than theoretical aspects.
  • The chapters in the book are structured to provide a step-by-step approach to implementing data privacy, starting with data governance and moving on to differential privacy.
  • The book includes open-source libraries and code to help readers implement differential privacy.
  • The author emphasizes the importance of iteration and experimentation in implementing data privacy, and the need to consider the data consumer’s perspective.
  • Data governance should include categorization of data to determine its sensitivity and set boundaries for data access.
  • Implementing data privacy is not a one-time task, but rather an ongoing process that requires continuous evaluation and improvement.
  • The book provides a framework for implementing data privacy, and the author encourages readers to adapt it to their specific needs and circumstances.