From Theory to Implementation: How Open-Source DP Libraries Shape Mental Models of Privacy Concepts

Abstract

Differential privacy (DP) is a promising framework for privacy-preserving data science that is moving rapidly from theory to practice. Recently, there has been increasing investment in open-source libraries for DP that help data scientists and privacy engineers, study, test, and develop DP analyses. However, there has been little evaluation of how effectively engineers and scientists use these libraries and the role of DP libraries in promoting understanding of and trust in DP. Such evaluation is needed given the well-documented challenges of explaining and understanding DP in in real-world settings. Using methods from Human-Computer Interaction (HCI), we analyze the differences between conceptual models embodied in open-source DP libraries and mental models of DP held by users. Through interviews with 6 developers of open-source DP libraries and user studies with 17 data analysts, we highlight the gaps between theoretical foundations and implementation-level challenges of DP. We find that library usability does not always facilitate better understanding of DP concepts, and that DP libraries often struggle to bridge misalignments between user mental models and library conceptual models. We conclude by contextualizing our findings in the broader social science literature surrounding trust in technology and offering insights into best practices for future DP library development.