Randori: Differentially Private Data Collection Made Accessible

Poster (konferens), 2019

Poster Abstract

Differential privacy is currently the gold standard for privacy-preserving data collection. While the solution of enforcing differential privacy for every data collection may seem trivial, due to differential privacy's theoretical nature and vast number of possible implementations, guaranteeing differential privacy in real-world data collections often seems daunting to practitioners.

Contribution
To bridge the gap between practitioners and research, we present Randori, a set of tools intended for interactively gathering data under local differential privacy. The purpose of Randori is to make differential privacy accessible to analysts, no matter their privacy expertise. Randori consists of four main stages.

Randori merges theory into hands-on tools, ready to be used for data collection. Furthermore, Randori solves the additional privacy challenges, such as time channels, that arise when data is gathered interactively, in this case through a web browser. By providing tools not only for the design phase, but also for the collection process, Randori can guarantee privacy end-to-end. The modular nature of Randori also allows experienced users to further customize their data collection, for example by providing their own web client, or skipping the simulation phase.

Fit with Theme & Reason to Spark Discussions
Differential privacy is currently a hot topic in privacy, and therefore we believe Randori will attract attention at EuroS&P because of the attendees' interest in privacy. Furthermore, EuroS&P would be a fitting venue to receive feedback and ideas regarding how Randori can be improved, both from privacy experts and non-experts. As some attendants may have an interest in differential privacy, but are not applying it to their data collections yet, the venue would also provide an opportunity to spread the word and get others interested in using Randori.