Bringing differential privacy to Google Cloud Platform

Transparent Green shape

We are teaming up with Google Cloud to bring differential privacy to BigQuery and the Google Cloud Platform. Learn more and get started in just a few minutes!

Green shape on dark background
News
Damien Desfontaines

Are you a Google Cloud customer who wants to safely share or publish insights from sensitive data? We have good news for you: Tumult Labs is teaming up with Google Cloud to make it much easier for you to deploy differential privacy on Google Cloud Platform!

the Tumult Labs logo and the Google Cloud Platform logo side by side

This partnership complements the recent launch of BigQuery differential privacy in two ways:

  • Tumult Analytics, the differential privacy framework deployed at the U.S. Census Bureau, the Internal Revenue Service, and the Wikimedia Foundation, is now integrated with BigQuery: you can follow our step-by-step guide to deploy a Tumult Analytics pipeline on GCP, and call it from BigQuery.
  • Tumult Labs is now a Google Cloud partner: our team of differential privacy experts can assist you with designing, implementing, and deploying strong anonymization techniques on GCP.

Using Tumult Analytics on GCP

The new differential privacy feature in BigQuery SQL is a great tool to quickly get started and generate privacy-preserving statistics for simple use cases. With Tumult Analytics, you can go much further: many data publication use cases require additional features, like joins, flat maps with user-defined functions, or advanced privacy accounting. For those use cases, you can now access the full power of Tumult Analytics directly from GCP and BigQuery.

Let’s say that you are generating a sales report and sharing it with a partner. You have two tables: one containing transactions, the other linking each item identifier with a retail category. The goal is to compute the total revenue per category and the total number of transactions that occurred during a specific month.

Because of compliance constraints, you need to make sure that this aggregate data does not leak information about individual customers. You could run the following code from the BigQuery UI.

This would then run a Tumult Analytics pipeline, here called <span class="style-dm-mono" >retailco.reports.sales</span>, computing the business logic in a differentially private way. The sample below shows a script defining this pipeline, which bounds the total privacy budget across multiple queries, including a join between the private and the public table.

After the BigQuery call, two new tables are created, containing the results of the differentially private pipeline: the aggregates are provably safe, and can now be shared with the partner in a compliant way.

Tumult Analytics supports even more advanced features to customize your data pipeline to the needs of your application, and release more useful data under tight privacy constraints: maps and flat maps with user-defined functions, adaptive mechanisms, joins between private tables, and much more. This powerful framework is now accessible directly from BigQuery, and can seamlessly integrate with your existing data workflows.

Interested in getting started with Tumult Analytics?

  • Start with its documentation and tutorials to write your first Tumult Analytics pipeline.
  • Deploy your first differentially private pipeline on BigQuery by following our how-to guide.
  • And if you have technical questions or feedback about Tumult Analytics, join our Slack instance — we’d love to hear from you!

Getting help from Tumult experts

Applying differential privacy to practical use cases can still present challenges. Tumult Labs experts have helped organizations like the U.S. Census Bureau, the IRS, or the Wikimedia Foundation deploy a number of complex, large-scale data products. As a Google services partner, Tumult Labs is now ideally positioned to allow GCP customers to benefit from this expertise. We can apply our tried-and-true approach to:

  • guide you through writing your first differentially private data pipeline and evaluating its performance;
  • fine-tune your data sharing strategy to balance privacy risk with the need to release accurate insights;
  • align the use of differential privacy with compliance and regulatory constraints;
  • audit and certify that your use of differential privacy provides the end-to-end guarantees that your application requires.

Contact us for an initial consultation focused on your use case and unique needs.

Unleash the power and value of your data.