This project develops a new programming model that incorporates a theory of differential privacy. Differential privacy is a formulation of statistical privacy that protects individual data values while still allowing the release of results from privacy-preserving analyses. Prior work on language-based techniques for differential privacy has focused on preventing leaks, rejecting programs either statically, before they run, or dynamically, as they run, before they leak too much information. This project uses an approach that allows the compiler and runtime to enforce privacy requirements by construction. The objective is two-fold: to make it easier for programmers to implement privacy-preserving data analytics, and to provide provable privacy guarantees. The approach facilitates the programming of differentially algorithms, while allowing non-experts to build up intuitions about what makes programs differentially private. The project integrates research with education by developing a framework to educate non-experts about statistical privacy, by disseminating results to both the academic community and collaborators, and incorporating the techniques into the security curriculum. Central to the technical approach is the concept of policy-agnostic programming, where a programmer can write policy-enforcing code that looks similar to (simpler) policy-free code and relies on the runtime environment to customize program behavior to enforce policies. The project develops the theory and infrastructure for a new programming framework called Jostle that supports privacy-agnostic programming through exposing fine-grained algorithmic choices to the programmer. The compiler and runtime, rather than the programmer, is responsible for navigating the space of privacy and accuracy trade-offs. Making this work involves (1) a dynamic semantics for policy-agnostic differential privacy, (2) a decidable probabilistic relational type system, and (3) a compilation framework for policy-agnostic differential privacy that uses the results of (1) and (2) for statically and dynamically exploring privacy/accuracy tradeoffs. The resulting system supports implementations of complex machine learning algorithms that are agnostic to the differential privacy concerns, and allow the programmer to rely on the compiler and runtime to modify programs to satisfy privacy requirements. The approach is intended to be sufficiently general to support different formulations of statistical privacy.
CAREER: A Policy-Agnostic Programming Framework for Statistical Privacy