Privacy and Data Science 31st PyData London Meetup 7 Feb 2017 Jason McFall CTO Privitar jason.mcfall@privitar.com

Credit: James Cridland

No content

Egor Tsvetkov https://birdinflight.com/ru/vdohnovenie/ fotoproect/06042016-face-big-data.html

Credit: Jorge Láscar

©Egor Tsvetkov

©Egor Tsvetkov

©Egor Tsvetkov

©Egor Tsvetkov

No content

http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

No content

No content

Using Private Data for Good

https://www.newscientist.com/article/2086454- revealed-google-ai-has-access-to-huge-haul-of-nhs- patient-data/ https://deepmind.com/health

Replace this

Location data

No content

Credit: Highways Agency

Human mobility dynamics in Pakistan. Amy Wesolowski et al. PNAS 2015;112:11887-11892 http://www.pnas.org/content/112/38/11887.long ©2015 by National Academy of Sciences Impact of human mobility on the emergence of dengue epidemics in Pakistan

No content

Publish and be Damned?

Credit: Matthew W. Hutchins, Harvard Law Record

Date of birth Gender ZIP code Ethnicity Visit date Diagnosis Procedure Medication Hospital visits Voter registration Name Address Phone Number Date of birth Gender ZIP code

No content

No content

https://research.neustar.biz/2014/09/15/riding-with-the-stars-passenger-privacy-in-the-nyc-taxicab-dataset/

https://research.neustar.biz/2014/09/15/riding-with-the-stars-passenger-privacy-in-the-nyc-taxicab-dataset/

Technology to the rescue?

984598498 33 Male N6 6DT Heart disease 804528909 39 Male N6 5PA Cancer 976234507 36 Female N6 5LB Asthma 789453297 38 Male N6 4TA HIV dgkdakhkjf 33 Male N6 6DT Heart disease ajhfqricddk 39 Male N6 5PA Cancer mndbhbnai 36 Female N6 5LB Asthma lalhfkippfaj 38 Male N6 4TA HIV John Smith 984598498 33 Male N6 6DT Heart disease James Brown 804528909 39 Male N6 5PA Cancer Sarah Jones 976234507 36 Female N6 5LB Asthma David Evans 789453297 38 Male N6 4TA HIV Step 0: Remove Identifiers

No content

33 Male N6 6DT Heart disease 39 Male N6 5PA Cancer 36 Female N6 5LB Asthma 38 Male N6 4TA HIV 30-39 * N6 Heart disease 30-39 * N6 Cancer 30-39 * N6 Asthma 30-39 * N6 HIV Statistical Generalisation (k-anonymity) l-diversity

Analysis on Generalised Data

No content

Tracker Attack Average Salary = £36,000 Average Salary = £35,300

( ) ( 9) ≤ 1 + Differential Privacy

Adding noise roughly 1/ε x (effect any individual can have on outcome) gives the desired ratio eε ≈ 1+ε Add Laplace Noise to Query Result 0 0.1 0.2 0.3 0.4 0.5 0.6 30 31 32 33 34 35 36 37 38 39 40 41 42

Replace this

No content

Randomised Response Answer honestly Answer yes

https://github.com/google/rappor

Some Lessons

1. Your data lives for a long time – maybe forever 2. Linking datasets can be very revealing 3. Today’s technology can match data and find sensitive patterns at huge scale 4. Hold organisations to account! Lessons for Citizens

1. Only store data you need 2. Always remove primary identifiers 3. Aggregate and statistically anonymise data before sharing • You can’t foresee all future datasets and potential linkage risks • You can’t foresee the future power of machine learning on this data 4. If data is too complex to anonymise: • extract the features of interest • anonymise and share only those 5. Even better, don’t share the data itself, allow secure queries on the data 6. Be open and clear about how you protect and use private data Lessons for Data Practitioners

Please help We’re looking to meet data scientist/analysts who are working with structured sensitive data, to discuss and user test some of our advanced products. Please contact me at: jason.mcfall@privitar.com

Thank you jason.mcfall@privitar.com