US bans differential privacy for the Census, forcing a choice between useless data and unsafe data

desfontain.es · @systems_wire · 4 hours ago · Technology Policy · 4 comments

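A new Commerce Department order bans noise infusion into statistical products, stripping the Census Bureau of its best privacy tool and leaving only simple and dangerous alternatives.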

us census bureau · department of commerce · differential privacy · disclosure avoidance · privacy policy · statistical disclosure

Last week the Commerce Department banned "noise infusion" from all Census Bureau and Bureau of Economic Analysis statistical products — a move that kills differential privacy by fiat and forces an impossible tradeoff.

Differential privacy works by adding calibrated random noise to statistics, limiting how much any single person's data can affect the output. That noise is precisely what the order prohibits. The text goes further, requiring that coarsening (e.g., turning a county into a state) be preferred and that suppression be used only as a "last resort." Any method involving randomness — sampling, swapping, cell key — is now suspect.
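The noise mechanism described above, as an added example that is not part of the original article or of any Census Bureau code: it releases integer counts with two-sided geometric (discrete Laplace) noise and checks exactly how much one person's presence can shift the output probabilities. The block names, counts and epsilon value are constructed, and it assumes each person contributes to exactly one cell (sensitivity 1).

```python
import math
import random

def geometric_pmf(k, epsilon):
    """P(noise = k) for two-sided geometric noise with alpha = exp(-epsilon)."""
    alpha = math.exp(-epsilon)
    return (1 - alpha) / (1 + alpha) * alpha ** abs(k)

def sample_noise(epsilon, rng):
    """Integer noise drawn as the difference of two geometric variables.
    Illustration only: production releases use vetted samplers, because naive
    floating-point sampling can weaken the guarantee."""
    alpha = math.exp(-epsilon)
    def draw():
        # 1 - random() lies in (0, 1], so the logarithm is always defined.
        return math.floor(math.log(1.0 - rng.random()) / math.log(alpha))
    return draw() - draw()

def noisy_counts(counts, epsilon, rng):
    """Release every cell with independent noise calibrated to sensitivity 1."""
    return {cell: n + sample_noise(epsilon, rng) for cell, n in counts.items()}

def worst_case_ratio(true_count, epsilon, window=50):
    """Largest ratio between the probability of any output when one person is
    in the cell and when that person is removed (count lower by one)."""
    worst = 0.0
    for out in range(true_count - window, true_count + window + 1):
        p_with = geometric_pmf(out - true_count, epsilon)
        p_without = geometric_pmf(out - (true_count - 1), epsilon)
        worst = max(worst, p_with / p_without, p_without / p_with)
    return worst

# Constructed sample table: residents per block in a hypothetical county.
BLOCK_COUNTS = {"block_A": 1, "block_B": 37, "block_C": 212}

if __name__ == "__main__":
    rng = random.Random(2020)
    eps = 0.5
    print("released:", noisy_counts(BLOCK_COUNTS, eps, rng))
    # Even for the single resident of block_A, no output is more than
    # exp(eps) times likelier with that person present than absent.
    print("worst ratio:", worst_case_ratio(BLOCK_COUNTS["block_A"], eps))
    print("bound exp(eps):", math.exp(eps))
```

Coarsening or suppression would hide block_A entirely, while the noisy release keeps every cell and bounds the influence of any one record by exp(epsilon).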

Why differential privacy became the default

From 1990 to 2010 the Census relied on swapping records to protect privacy. That turned out to be trivially breakable: researchers showed they could reconstruct individual responses from published tables. Political operatives and demographers admitted to doing exactly that, often for gerrymandering. When the Bureau adopted differential privacy for the 2020 Census, it wasn't because the math was elegant — it was the only option that stopped record-reconstruction attacks while keeping the data usable.

The order's practical fallout

Ted, the privacy researcher behind this analysis, puts it bluntly: future statistical releases will be either useless or unsafe. Coarsening and suppression are blunt instruments — they gut the granularity that social scientists, economists, and policymakers need. If agencies try to avoid noise by falling back to swapping or sampling, they're reintroducing randomness, which the order appears to forbid. The only path that doesn't violate the order is releasing heavily aggregated or suppressed numbers that bear little resemblance to the detailed statistics users depend on.

Meanwhile, the confidentiality obligations under federal law remain in full effect. The order itself says it "shall not be interpreted to conflict with any constitutional, statutory, regulatory, or other legal provision." So the Census Bureau must still protect individual records, but the one tool that made that possible while preserving utility is now illegal.

The Bureau now faces the impossible task of producing useful statistics without the only technique that made them both useful and safe.


Source: US bans differential privacy in Census data
Domain: desfontain.es
