Errata

Practical Data Privacy

Errata for Practical Data Privacy

Submit your own errata for this product.

The errata list is a list of errors and their corrections that were found after the product was released. If the error was corrected in a later version or reprint the date of the correction will be displayed in the column titled "Date Corrected".

The following errata were submitted by our customers and approved as valid errors by the author or editor.

Color key: Serious technical mistake Minor technical mistake Language or formatting error Typo Question Note Update

Version Location Description Submitted By Date submitted Date corrected
Page Preface - Privacy Engineering
Last paragraph in Privacy Engineering section of Preface

"Although larger technology companies are actively hiring actively hire for these roles now, its emergence reminds me of the rise of the term machine learning engineer in 2018."

Phrase should choose either "are actively hiring" or "actively hire," not both.

Note from the Author or Editor:
Thank you for entering this typo!

Mindy Medeiros  Jun 06, 2023  Nov 22, 2024
Page xvi, xxii, xxii
see description

Page xvi, "who can competently address these issue". Should be "issues".

Page xxii, "companies are actively hiring actively hire for these roles". It hurt me how blatant this error was.

Page xxii, "Most of the materials was", should be, "Most of the materials were"

Note from the Author or Editor:
2 out of three confirmed, the last one is not there.

Katharine Jarmul  Nov 01, 2024  Nov 22, 2024
Page 31
footnote

O’Reilly publications and freely available blog, should be O’Reilly publications and freely available blogs,

Katharine Jarmul  Nov 01, 2024  Nov 22, 2024
Page 51
Right under the numeric output

p. 51: The real average age for this newly generated dataset is 45.28, giving a relative error of about 0.15, which is about 5 times the Laplace relative error but using a smaller epsilon (0.99 versus 1.1).
> Errata: replace this newly generated dataset with the original dataset ("unclipped")

Katharine  Nov 01, 2024  Nov 22, 2024
Page 55
see quote

p. 55: If I'm fairly certain you were in the dataset and you are in your mid-20s with a zip code that begins with 1118, I can immediately deduce that you probably had COVID-19 because 100% of the 20- to 40-year-olds in this dataset and that zip code had a positive diagnosis. This isn't what you wanted or intended. Information like this has been exploited in several k-anonymous datasets, including [a public edX dataset that was de-identified via LinkedIn data].
> Errata: de-identified via LinkedIn data: re-identified (de-anonymized)

Katharine  Nov 01, 2024  Nov 22, 2024
Page 56
top

You might be also wondering about synthetic data. to You might also be wondering...

Katharine  Nov 01, 2024  Nov 22, 2024
Page 60
3rd paragraph

privacy skills on the team, identify where can you optimize and adjust. > where you can

Katharine  Nov 01, 2024  Nov 22, 2024
Page 72
top paragraph

The likelihood that a 8-year-old has a master’s degree is quite small. > an 8-year-old

Katharine  Nov 01, 2024  Nov 22, 2024
Page 90
final paragraph

This base and similar ones were exposed on the days and weeks following the global heat map release, > in the days and weeks

Katharine  Nov 01, 2024  Nov 22, 2024
Page 92
footnote

This type of data collection does not provide the strict guarantees like with differential privacy > provide strict guarantees...

Katharine  Nov 01, 2024  Nov 22, 2024
Page 106
under An Average Attacker

Is there a such thing as an average attacker? > such a thing

Katharine  Nov 01, 2024  Nov 22, 2024
Page 108
top

Your data science toolkit can assist in assessing threats and measuring risks, but only when there is historical data. If there is not a quorum of experts to help model, if uncertainly is high and information low, you are unlikely to provide significant assistance.

> if uncertainty

Katharine  Nov 01, 2024  Nov 22, 2024
Page 123
see description

p. 123: You might have noticed that the epsilon values when using Opacus are higher than you expected when compared with your learnings from <<chapter_2>>. This is an open critique and danger of using DP-SGD and many differential privacy mechanisms for training, where accepted epsilon values are much higher than you would expect from a query-based mechanism. Research from privacy and security experts in 2023] demonstrated that these levels are dangerous and can lead to privacy assumptions that are simply inaccurate. They recommended standard overfitting mechanisms instead of DP-noise during training to provide more robust privacy guarantees.
> Errata: anti-overfitting instead of overfitting

Katharine  Nov 01, 2024  Nov 22, 2024
Page 128
last paragraph

In fact, the CMU CyLab Usable Privacy and Security Laboratory released a design with privacy label with pretty neat visuals in 2010 to show users how their data was going to be used.

released a design for a privacy label with...

Katharine  Nov 01, 2024  Nov 22, 2024
Page 134
bottom

This might also mean building privacy into your current monitoring systems—particularly if there have problems in the past with logging sensitive information or ensuring that the infrastructure is respecting the data privacy and security policies.

particularly if there have been problems in the past

Katharine  Nov 01, 2024  Nov 22, 2024
Page 164
middle

This process is advantageous for the user privacy and collaboration.
>
This process is advantageous for user privacy and collaboration.

Katharine  Nov 01, 2024  Nov 22, 2024
Page 168
see description

p. 168: When a security protocol is first designed, it will be assigned one of three theoretical secrecy guarantees, as outlined in.
> Errata: secrecy guarantees replace with security guarantees

Katharine  Nov 01, 2024  Nov 22, 2024
Page 178
footnote

You probably don’t often think about circuit depth of your operations. > You probably don’t often think about the circuit depth of your operations.

Katharine  Nov 01, 2024  Nov 22, 2024
Page 185
2nd to last paragraph

There are also methods for continuing the compute in encrypted space instead of decrypting the intersection, which you’ll learn in “Private Join and Compute” on page 188.

There are also methods for continuing to compute in encrypted space instead of decrypting the intersection, which you’ll learn in “Private Join and Compute” on page 188.

katharine  Nov 01, 2024  Nov 22, 2024
Page 187
see description

p. 187: Bob will use the information received from Alice regarding the generator and prime as input to generate his own public-private key pair and send Alice his public key. At this point in time, they can both use their private key pair with the public key from the other party to generate a shared key.
> Errata: their private key pair change to their private key

Katharine  Nov 01, 2024  Nov 22, 2024
Page 195
last paragraph

Moose currently support CSV and NumPy files, which you can easily create from Pandas or NumPy objects.

Moose currently supports CSV and NumPy files, which you can easily create from Pandas or NumPy objects.

Katharine  Nov 01, 2024  Nov 22, 2024
Page 201
GDPR section

In coming years, the GDPR rights described in this chapter will approach the reality as enforcement expands.
>
In coming years, the GDPR rights described in this chapter will approach reality as enforcement expands.

Katharine  Nov 01, 2024  Nov 22, 2024
Page 202
last sentence

You may have been involved in a GPDR
GDPR: An Overview | 203
compliance migration or retrofitting, which often has to do with ensuring that these rights are semi-automated in data management systems.

GPDR > GDPR

Katharine  Nov 01, 2024  Nov 22, 2024
Page 203
see description

p. 203: For example, in Germany, the local implementation of GDPR is called the Datenschutz-Grundverordnung (DSGVO). Each country has ts own version and its own enforcement.

Change: Each country has its own version to Each country translates and implements the EU law into national law, which then defines who in the country enforces the law.

Katharine  Nov 01, 2024  Nov 22, 2024
Page 206
2nd to last paragraph

If you employ differential privacy and you’ve cleared it with legal advisors on your project or at your company, data after you’ve apply differential privacy mechanisms is no longer subject to GDPR.

>
data after you’ve applied differential privacy

katharine  Nov 01, 2024  Nov 22, 2024
Page 211
see description

211: Google chose the Paillier-based protocol for Private, Join, and Compute and not a more complex and efficient one. Why? So that software engineers with no experience in cryptography could safely use the helper libraries without additional education.
> Errata: Private, Join, and Compute: Private Join and Compute

Katharine  Nov 01, 2024  Nov 22, 2024
Page 218
footnote

Many users never check these setting or alter them unless directly prompted to do so.

to

Many users never check these settings or alter them unless directly prompted to do so.

Katharine  Nov 01, 2024  Nov 22, 2024
Page 225
top paragraph

Some privacy professions really do want to dive deeper into the way things work, for example, wanting to learn how machine learning algorithms train models, how encryption protocols work,

to:

Some privacy professionals really do want to dive deeper into the way things work, for example, wanting to learn how machine learning algorithms train models, how encryption protocols work,

Katharine  Nov 01, 2024  Nov 22, 2024
Page 239
paragraph before current solution

Trent could also analyze the buying patterns and send the the analysis and matched users to the company that wanted to advertise.

to

Trent could also analyze the buying patterns and send the analysis and matched users to the company that wanted to advertise.

katharine  Nov 01, 2024  Nov 22, 2024
Page 259
top

Questions of quantum security comes up often if you talk with folks about cryptography;

to:

Questions around quantum security come up often if you talk with folks about cryptography;

Katharine  Nov 01, 2024  Nov 22, 2024
Page 280
top

Obviously, this is easier if you are guest.

Obviously, this is easier if you are a guest.

Katharine  Nov 01, 2024  Nov 22, 2024
Page 280-281
4th paragraph and footnote

I'd like to use the term non-consensual pornography instead of revenge porn to better reflect what it is!

Katharine  Nov 01, 2024  Nov 22, 2024
Page 284
2nd paragraph

It could be that you searched something related yourself or recently purchased something related to the topic. It could be that there is a trend or other pattern that is highly correlated and making it seem that—just as you hear about something—it is following you.


searched something related to yourself

highly correlated which makes it seem that

Note from the Author or Editor:
Upon re-read "searched something related"

Katharine  Nov 01, 2024  Nov 22, 2024
Page 286
2nd paragraph

I’m going to walk through several alarming phenomenon that machine learning and its related data analysis and collection have created or expedited in the world.

phenomena

katharine  Nov 01, 2024  Nov 22, 2024
Page 291
2nd to last paragraph

The growth and reach of this type of misinformation—and, sometimes, disinformation—is assisted by recommendation algorithms that make it more “valuable” for everyone to produce and rapidly increasing the number of humans affected.

increase instead of increasing

Katharine  Nov 01, 2024  Nov 22, 2024