Closed jonathanmayer closed 3 years ago
Apologies if I missed it, but we have https://crypto.stanford.edu/prio/paper.pdf implemented in Firefox (and exposed to privileged JS) as well as some server side and analysis tools, both implemented using https://github.com/mozilla/libprio
So it would be worth considering :)
Closing this out. After a number of discussions, the current privacy model is a combination of informed consent, strict access controls, and client-side aggregation where possible. We'll explore the feasibility of local differential privacy in future.
Seems like we're leaning toward decentralized differential privacy with prespecified statistics.
Some related work: