Protecting privacy does not come cheaply. Many of the best techniques, including differential privacy, are just starting to proliferate in industry and currently sit at the top of the cost curve. For problems that require a custom solution, a federal agency might need to spend somewhere in the range of $1 million to $10 million to research, pilot, and develop its own differential privacy program.
These costs aren’t insurmountable and are well within the budgets of many federal agencies. They also pale in comparison with the financial penalties organizations risk when they fail to properly protect people’s data. In one such case, a federal judge required the Office of Personnel Management to pay a $63 million settlement to current and former federal employees and job applicants who were affected by a data breach.
Furthermore, protecting the privacy of citizens is an essential responsibility of democratic governments. With continued collaboration between government, industry, and universities, more affordable solutions will become available. For example, text classification models were once nearly impossible to train in a differentially private way because the added noise destroyed the sparsity of the datasets, which dramatically increased the time and cost of training.
By carefully thinking through the objectives and accounting for exactly where noise is needed, it is now possible to reduce training time from months to minutes. Achieving this requires a careful, deliberate accounting of what information the algorithm uses and where it flows, but the upfront investment is well worth the long-term payoff: once these optimizations become repeatable, the cost of subsequent deployments drops.
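The core idea behind this accounting is that noise must be calibrated to how much any one person's data can change a result. A minimal sketch of the Laplace mechanism, the textbook building block of differential privacy, is below; the function name and parameters are illustrative, not any agency's actual implementation:

```python
import numpy as np

def laplace_mechanism(true_value, sensitivity, epsilon, rng=None):
    """Return a differentially private estimate of true_value.

    Noise is drawn from a Laplace distribution with scale
    sensitivity / epsilon: a smaller epsilon (stronger privacy
    guarantee) means more noise, and vice versa.
    """
    rng = rng or np.random.default_rng()
    scale = sensitivity / epsilon
    return true_value + rng.laplace(loc=0.0, scale=scale)

# Example: privately release a count. A count has sensitivity 1,
# because adding or removing one person changes it by at most 1.
true_count = 1_000
private_count = laplace_mechanism(true_count, sensitivity=1, epsilon=0.5)
```

The cost savings described above come from applying noise like this only where an individual's data can actually influence the output, rather than blanketing every value in a sparse dataset.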
When it comes to making the case for more investment in data privacy, the dollar cost may not be the biggest hurdle. Far more formidable is the combination of organizational cultures resistant to sharing information and a lack of understanding of new data privacy solutions. When executives don’t fully understand the challenges that need to be addressed or the available solutions, they’re less likely to champion a program that requires investment and cultural change.
But a lack of understanding is not a valid reason to put off implementing data privacy solutions. Federal agencies have an obligation to advance data privacy technologies as part of responsible AI, a reality that’s been acknowledged at the highest levels. According to the 2023 Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence: “The Federal Government will enforce existing consumer protection laws and principles and enact appropriate safeguards against fraud, unintended bias, discrimination, infringements on privacy, and other harms from AI.”
Executive Order 14110 goes on to direct the National Institute of Standards and Technology (NIST) to create guidelines for agencies to evaluate the efficacy of differential privacy guarantees, including those for AI. At the time this article went to press, NIST indicated that a final report was in progress.