Skip to main content
The Globe and Mail
Support Quality Journalism.
The Globe and Mail
First Access to Latest
Investment News
Collection of curated
e-books and guides
Inform your decisions via
Globe Investor Tools
per week
for first 24 weeks

Enjoy unlimited digital access
Cancel Anytime
Enjoy Unlimited Digital Access
Get full access to
Just $1.99per week for the first 24weeks
Just $1.99per week for the first 24weeks
var select={root:".js-sub-pencil",control:".js-sub-pencil-control",open:"o-sub-pencil--open",closed:"o-sub-pencil--closed"},dom={},allowExpand=!0;function pencilInit(o){var e=arguments.length>1&&void 0!==arguments[1]&&arguments[1];select.root=o,dom.root=document.querySelector(select.root),dom.root&&(dom.control=document.querySelector(select.control),dom.control.addEventListener("click",onToggleClicked),setPanelState(e),window.addEventListener("scroll",onWindowScroll),dom.root.removeAttribute("hidden"))}function isPanelOpen(){return dom.root.classList.contains(}function setPanelState(o){dom.root.classList[o?"add":"remove"](,dom.root.classList[o?"remove":"add"](select.closed),dom.control.setAttribute("aria-expanded",o)}function onToggleClicked(){var l=!isPanelOpen();setPanelState(l)}function onWindowScroll(){window.requestAnimationFrame(function() {var l=isPanelOpen(),n=0===(document.body.scrollTop||document.documentElement.scrollTop);n||l||!allowExpand?n&&l&&(allowExpand=!0,setPanelState(!1)):(allowExpand=!1,setPanelState(!0))});}pencilInit(".js-sub-pencil",!1); // via darwin-bg var slideIndex = 0; carousel(); function carousel() { var i; var x = document.getElementsByClassName("subs_valueprop"); for (i = 0; i < x.length; i++) { x[i].style.display = "none"; } slideIndex++; if (slideIndex> x.length) { slideIndex = 1; } x[slideIndex - 1].style.display = "block"; setTimeout(carousel, 2500); } //

Canada, and the Toronto area, in particular, is a hotbed for AI startups focusing on the legal and financial professions.

Most of us have seen and probably barely read the privacy policies we sign onto when we agree to use an online service.

They promise to use our information only in aggregate, meaning that personal identifying details won't be included when that data is combined with other customers'. The services themselves are usually more interested in extracting generalized information from a large group of users anyway, so they offer that personal anonymity in exchange.

But, as researchers have shown, it's all too easy for enterprising individuals to break that anonymity by cross-referencing the data with other sources to once again extrapolate personal details, proving that the barriers protecting privacy online are often very thin indeed.

Story continues below advertisement

There is a potential saviour on the way, however. Differential privacy is a mathematically provable technique for making data anonymous – or anonymizing – and keeping it that way. And it's about to go mainstream.

"It's absolutely critical," says Anthony Mouchantaf, co-founder of Toronto-based Rthm Technologies Inc. "Whatever the technology is at the time that will ensure there's no possibility of de-anonymization, that's what we'll use. That's differential privacy today."

One of the best-known examples of de-anonymization took place in 2007, when Netflix published 10 million movie rankings provided by 500,000 customers. The company was hoping that publicly releasing the information, which replaced personal details with numerical identifiers, would lead to someone coming up with a better recommendation system.

Instead, researchers at the University of Texas at Austin cleverly matched the data to publicly available reviews on the Internet Movie Database. By comparing a few dozen scores and timestamps with Netflix's data, they were able to reidentify some customers with a high degree of certainty.

The point of the exercise, the researchers said, was to show how easy it can be to de-anonymize data. "Releasing the data and just removing the names does nothing for privacy," one of the researchers told SecurityFocus at the time. "If you know their name and a few records, then you can identify that person in the other [private] database."

Differential privacy works by inserting randomized "noise" into the data, which makes it impossible to reidentify an individual with surety.

A survey of 100 users and their chocolate preferences, for example, could indicate that 70 people prefer milk while 30 pick dark. If one person's answer is randomly removed and replaced instead with the result of a coin toss, it becomes impossible to firmly identify any respondent's specific answer.

Story continues below advertisement

"If I'm an attacker and I'm interested to know what your chocolate preference is, even if I knew the chocolate preference of every other person in the survey except you, I still wouldn't be sure," says Aleksandar Nikolov, Canada research chair in algorithms and private data analysis and an assistant professor in computer science at University of Toronto.

Differential privacy has largely been an academic pursuit for the past decade, but companies big and small are beginning to adopt it.

Apple introduced the concept to the mainstream last year by adding it to iOS, its mobile operating system software. The company now uses differential privacy to protect everything from users' emoji preferences to health data.

Rthm, which makes an app that tracks users' health statistics, has become a quick convert to Apple's differential privacy techniques. An accidental de-anonymization of customers' data could be devastating for the startup.

"We spare no effort or expense to make sure that's not an exposure for us," Mr. Mouchantaf says.

Experts warn, however, that differential privacy is not necessarily a silver bullet to the de-anonymization problem. For one thing, it decreases the accuracy of the data being collected.

Story continues below advertisement

In the chocolate example above, for instance, replacing one answer with a randomized response would lower the accuracy by 1 per cent.

More importantly, however, it's also easy to apply differential privacy incorrectly.

A recent study led by researchers at the University of California suggests Apple's application of the technique is "relatively pointless" because it gets a key mathematical variable – known as "privacy loss parameter" or "epsilon" – wrong.

While the academic community considers an epsilon of one to be acceptable, Apple's applied values are as high as 14, which the researchers say makes it easy for attackers to de-anonymize the supposedly protected information. The company disputes the findings and says it uses different epsilon values for different types of data.

Experts are concerned that differential privacy could thus become just a marketing term – a fancy-sounding illusion of protection without actual teeth to it.

"The theoretical concept of differential privacy is under a transformation toward real problems," say Florian Kerschbaum, an associate professor of computer science at the University of Waterloo. "That transformation has not completed yet."

Your Globe

Build your personal news feed

  1. Follow topics and authors relevant to your reading interests.
  2. Check your Following feed daily, and never miss an article. Access your Following feed from your account menu at the top right corner of every page.

Follow the author of this article:

View more suggestions in Following Read more about following topics and authors
Report an error Editorial code of conduct
Tickers mentioned in this story
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to If you want to write a letter to the editor, please forward to

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

If you do not see your comment posted immediately, it is being reviewed by the moderation team and may appear shortly, generally within an hour.

We aim to have all comments reviewed in a timely manner.

Comments that violate our community guidelines will not be posted.

UPDATED: Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies