Programming frameworks for differential privacy

Version History: originally published on ArXiv: https://arxiv.org/abs/2403.11088.

Many programming frameworks have been introduced to support the development of differentially private software applications. In this chapter, we survey some of the conceptual ideas underlying these frameworks in a way that we hope will be helpful for both practitioners and researchers. For practitioners, the survey can provide a starting point for understanding what features may be valuable when selecting a programming framework. For researchers, it can help organize existing work in a unified way and provide context for understanding new features in future frameworks.

We do not attempt to be comprehensive in our coverage of the landscape of software tools for differential privacy (which is constantly growing) or in the issues relevant to implementation. In particular, we focus on programming frameworks for expressing and reasoning about differentially private statistical analyses, sometimes referred to as “queries.” We refer readers interested in frameworks for large-scale machine learning pipelines to Chapter 7 and the references therein. Furthermore, there are a number of important issues in programming with differential privacy that we did not address, such as randomness generation, security, finite arithmetic, side channels, and scalability; discussions of these can be found in many of the papers we reference.