@@llllllllllllllllllllllllIIIIl1 Not necessarily, depends on how you acquire people. If you randomly blink people in and out of existence, the the probablility of "no" could get very low if possible cases include 10 people, or 300 people, or 129 people, or 2000000000 people... how likely would it be that you'd get to zero at some point?
How I protect my privacy with math. Step 1 I start doing math. Step 2 Person approaches me and sees I'm doing math. Step 3 They slowly back away Step 4 Privacy!
Easier way: When the census takes place, don't answer your door or go away from home in a trip. Though the US loves a bit tyranny of its own, they can't fine thousands of people for not being at home at a certain moment in time. Problem solved!
Been like that for a long time but I couldn't care less about title mismatch.. I am still getting my head around some of his vids when it was still minute (or two!) and physics!
That's a meaningless comparison. Government is supposed to know accurate information about it's citizens that's needed to operate properly. And so it does. Data jittering is done for purposes of keeping individual privacy when publishing data to *public* (keeping privacy as in making sure that third-party can't restore individual data from published data, not as in keeping secrets from government). Pretty sure they store correct census data of each individual for internal purposes as well.
@@niter43 Last time I checked I am part of the government too!! and I really hope this government "of the people, by the people, for the people, shall not perish from the earth"!!! But I also don't want us to be vulnerable to Nazi behavior. What if census form asked if you wanted your data jittered? (like a micro point system [+/- 1 PersonPoint]) If there was a way to do this then the more people who opt out of the jitter the more transparent our data can become, and, it can become this way democratically. We could some day brag that we are so proud and brave that we do not fear others being able to pinpoint us based on our demographics because, for example, those around us our neighbors and fellow citizens would stand up for our human dignity in spite of the differences between us.
@@MRDAVIDJHEMMINGER Um ... That sounds amazingly dangerous. Granted, I was one who was all for free access to information years ago - had an open Wi-Fi, used Linux, did all the things - then was accused of storing illegal stuff on my computer. Not a fun experience and one that pushed me to re-examine how well I knew my neighbors and how good an idea having Open Source stuff and sharing information really was. End result, if I understood the video correctly, your vote to *not* 'jitter' your information can have the effect of allowing my information to be more easily discovered. (As this whole video reminded me of those word problem set ups you do when trying to find out who of three people with red hair rode a bicycle and ate a pie in a six person neighborhood. I'm not good with maths, so I'm trusting y'all to keep me honest.) In the course of using your un-jittered information, my information is more easy to extrapolate. Basically, your freedom to share your information is also sharing my information, that I may not want out there. I don't mind standing for human dignity. Nor do I really mind being part of certain kinds of scientific study. I do, however, mind being "voluntold" for a study I don't want to participate in just because someone else thinks it's a great idea. The freedom to *not* be included is also important and should be protected. I don't feel a need to have to brag to my great-grandchildren about how "brave and proud" I was to allow social scientists access to my personal data. I can feel brave and proud through having actual accomplishments like doing a job well, or writing a book, or creating something artistic. Being part of a movement to end privacy and personal information from being shared with whomever can cough up the money to purchase access to census data is not on my List of Things To Do. But thanks, anyway.
As someone who actually publishes differential privacy research, I just would like to mention that a privacy budget of 30 is absurdly high; there are cases were a privacy budget of 30 would allow you to reconstruct someone's data with over 95% accuracy. On our research team, we would never consider a privacy budget above 5, and the gold standard was .01.
@@vermillion8521 Read that again. Privacy budget. That means how much privacy you can sacrifice. 0.1 is less than 30, therefore the first case has more privacy and less accuracy.
I worked for the USCensus Bureau in 2005 or so, it was an interesting job, and we all took privacy and confidentiality very seriously. I hope all the men and women working on the 2020 census get to see this video.
The census is a very important tool for keeping our government fair and functioning, and even though it’s been politicized lately, I’m really glad people like Henry are talking about it. Good policies start with good data.
But aren't we (humans, or any other intelligent life) violating the Universe's privacy to understand it better and also create new stuff that is both good and bad?
Kaspersky advertised on it. Not sure how they engineered that, but I'm guessing Google was complicit. And given that Google already knows way more about each of us than all those census records...
@@QlueDuPlessis Well it was probably by the tags/title I believe thats how ads are chosen. That's why you will sometimes get ads for something on videos hating on that product.
This has been literally been the best educational video I have seen this year on RUclips. Why? Because it gives a solution for how companies should act, that collect huge amounts of data! Thank you.
yeah. when selling this stuff they should only sell jittered data, and only averages (even if the source data could be partially reverse engineered). right now data sold to and between ad networks is even worse than un-jittered correlatable averages, it's often just a selection of stats that omits your name, completely bare for the companies to correlate themselves without even having to try and unpack anything first. they're all technically not selling identifiable data if they say "she's a girl and likes cats" but with enough overlap between the information sharing, you only need one ad network picking up your location from a web search and they can eventually tie that together so they know all your preferences, your age, where you live.. just not technically your name. of course that last step, getting the name, is one of the easiest
@@davidbechart7674 Funnily enough we know a census happened there at the time (more than one, actually) but we also know it cannot be the one the Bible describes, unless the Bible describes it incorrectly.
The census is authorized in the Constitution to count adults. But it is not authorized to collect information about their sex, race, income, sexual orientation, etc. So I always leave these blank on the census form. Leaving these out globally would increase the privacy of the census, without reducing its accuracy.
This is something I am really interested in. I loved learning about combinatorics in college. I am certain that if we are going to continue to advance in technology at the rate that we are, we must revolutionize how privacy is handled. I am totally guilty of giving Google enormous amounts of information about my spending habits and hobbies, both willingly and unwillingly. I believe that the best way to create more accurate and advanced algorithms (especially with neural networks) is to "feed the beast" and as much data as possible; plus, I feel like I have nothing to hide. That being said, I am growing increasingly weary of who is getting their hands on that data and how it is being used.
I would be happy if every government agency did things when they're doing public outreach. Plenty of science agencies, especially NASA, have been doing this for years.
Actually, no. Jittering is for privacy reasons, not evidence - based ones. If your age is 13 +/- 5 years , there's no solid evidence that you're old enough to buy a game and you probably won't be able to buy it. You're sacrificing your ability to buy anything at or below your age to protect your privacy - but that's your call to make :)
In my opinion, the concern with privacy isn't that everyone can know an individual's information; it's that single large groups can know disproportionately large amounts of information about large quantities of people. I believe if one group can access not-necessarily-sensitive data like my age and sex, then everyone should be able to as well.
12-minute physics These longer videos require more attention but you definitely get more accurate info. I wish this guy could release videos more often
Thanks you for this video, minute physics! I have started watching this channel since middle school, back then most of the videos were about physics. Now as a senior in college, I have found differential privacy as one of my research interests. I am really grateful and surprised to see this excellent expository video on DP, from a channel I loved as a kid!
Although I am reluctant for huge descriptive statistics for demographics on the census for people who are still alive. Yet, the census is a massively important document for ancestry and family history documenting and discovery. The more information that is on the census, the more accurate you can find your family. It’s important. Even though it can be concerning when people get ahold of this census early. It should be noted that the census doesn’t release a census for 50 years after. So the 1970 census isn’t even publicly available yet.
I don’t know why but I got halfway through your comment before realizing it was _not_ a brilliant riff on “I am the very model of a modern major general”. Very disappointed, two stars.
Honestly though, someone could figure out way more information about you by data mining your public internet accounts. And with internet accounts there is far more relevant data at stake; like your mother’s maiden name could be found through inference from facebook posts, or the bank you use could be found from pictures, GPS data, or off hand comments. That’s with a few more questions would be enough to change the password on your bank account and wire money out. It probably would even use less processing power than bitcoin.
@@greenredblue I am already trying to figure a way to get that song out of my head. "I've information vegetable, animal, and mineral; I know the kings of England, and I quote the fights historical, from Marathon to Waterloo, in order categorical." Argh. Double Argh.
Sounds to me that bayes theorem against a random chance of false data can come in handy. Similar to asking people if they do something that is specifically embarrassing without knowing whether they actually do that specific thing....by having them roll a die or flip a coin to answer the question (a flip of heads means "answer truthfully" and a flip of tails means "always answer yes", leads far more people to answer honestly without the test taker knowing if it's true). So if you give everyone say a 10% chance of false data at a 50% range, then you end up with only a 5% draw down on the overall survey without revealing much information individually.
The thing is that in nearly any given community epsilon is soooo small as to be practically unusable. I worry that this video will leave many thinking that we're dealing with epsilons that have useful value beyond being intellectually stimulating. I'm glad we're implementing matrix smoothing, but for everyone else who doesn't understand the math, there's nothing for you to worry about and you should really complete your census. Us nerds are busy battling privacy concerns long long before they should be of concern for people who aren't mathematicians.
Information theory was the hardest class in my MS but I got a lot out of it. I think everyone should learn the stats that were talked about in this video, it really grants a useful perspective.
@@willis936 What subject? Statistics? I did a bachelor's degree in computer science and we never had a a class on information theory. It just popped up a tiny bit in the context of error correction algorithms. Our class on theoretical computer science focused on formal languages, computability, and complexity -- information theory wasn't mentioned once.
Trurl Electrical engineering. Information theory is likely only an undergrad course for math majors (and is likely optional in most programs). It would be an optional grad course for EE, CS, and (probably) physics. For the practice of computer science (and not just programming), information theory isn’t terribly relevant, but it is necessary for a lot of practical applications (compression and encryption).
@@willis936 Sounds interesting. Encryption is unfortunately a topic we also skipped. Since I'm using Bayesian probability theory (in philosophy, not computer science) I noticed the relevance of information theory. Hard to get into it by your own, unfortunately.
Through my incredible computational power of passing through your RUclips profile, I've narrowed the scope to being a male in your 20's. Mwahaha!! Your privacy has been reduced.
I love seeing how this shakes out in extreme cases like the dying towns that are down to a population in the single digits. The one single-person town that I know of infamously has a census population of "2" because of this jitter but obviously ALL data from that town is that one woman with jitter applied.
This is the most comprehensible minutesphysics video ever. Did somebody tell you to summarize your points like... three times in this video? (Very unlike your previous videos)
Great video! Thanks Question: Do you know if these models take into account the noise inherently present in any data collection, especially on this scale? I.e., assuming even zero perturbation of the data, the knowledge you get from it is still a proxy of the real information (due to human errors, intentional misinformation, etc.), so taking that into account might give you some leeway in your "privacy budget". Maybe this can be modeled as an increase in budget without harming privacy? Just a thought :)
In Sweden, if you ask the government, you can get a list of the citizens of Sweden with where they live, what they earn, the Swedish form of social security number etcetera. Much information is public.
I do not rely on my government to jitter my data. I'm capable enough of doing it myself. But thank you for the idea of randomizing how much I deviate from the truth.
@@harpiesd96 Right. I just wonder if the "averaging the noise" at 7:38 applies to scrambling within the same census, or across time. Similarly, if the "privacy loss budget" applies across time. Unlike your password, which you can change, if census data has been "leaked" anytime in the past, the privacy will be forever lost unless that person dies. Otherwise "15 yrs old male black arab" will be "20 yrs old male black arab" 5 years later.
Differential privacy actually addresses this issue quite neatly: All the 'plausibility' stuff is always formulated in terms of changes between prior beliefs (what an attacker already knew before we released our answer) and posterior belief (what he thinks is plausible now, knowing our answer). So while the 2020 census obviously cannot undo any privacy loss from previous years, it will guarantee that even someone who did attacks on previous years will learn (very close to) no additional information about anybody from the 2020 census. Sure, it's not perfect, but you can't undo information leakage, no matter how much jittering you add to the new census ;) At least this formal thing guarantees that it won't help make attacking the old stuff easier and that you will learn basically nothing additional about the data.
To whoever said that(maybe not you): So? Math helped with about ten quadrillion things. I’m also pretty sure math helped discover gravity, so joke’s on you
Halfway through the video I was actually thinking of this as a "hold up, is this a lead to the HUP?" until jittering came in, which of course just cancelled out that thought entirely.
The last bit of the video was completely normative. I say this as someone torn between my love of privacy (introvert with trust issues here) and my love for mathematical accuracy.
The thing is, the actual results of the census are published after 72 years. This means the actual results from the 1950 Census will be released in 2022. So the results of the 2020 Census will be released in 2092.
This is quite interesting. I am from Sweden, and here you an find out how much tax everyone pays, their phone number, where they live, who they live with, what car they have, what pets they have, what companies they are involved in etc. Its all public.
i like the last part about surveys. i am currently in university and i have never heard about that happening. i study a social science so we make and also take part in studies and surveys. now i think most of them could be traced back to each individual, including me. also i think we should force online surveys to do that kind of stuff.
A problem I see with this is that a lot of the useful information we gain from the survey is by looking at the evolution of data, compared to previous census. But in the end you might just be looking at random noise
This. I was tempted until I realized that once that information is known, it can never be 'unknown'. And it's only a matter of time until someone somewhere starts requesting it as part of something else. I might sound paranoid, but I'd like to know why someone wants certain information about me, other than that required by my doctors in treating my health.
1:40 holy cow i wish I lived in a world where roughly a fourth of the population is trans or nonbinary, that would be a lovely gender distribution. Much love from your trans audience
Good computer security pretty much boils down to a mathematical solution too. With the exception of a someone with physical access to the computer and knowledge of the password.
What if each participant writes a random value which is then used to introduce noise to each census (their own or of a different participant)? This wouldn't introduce enough random noise that the final results will be both accurate and impossible to reverse with 100% accuracy? Kinda like one-way encryption
It's a valid option, although in practice you'd probably get the Census Bureau to do that to the data before they calculate what they publish. It's got some benefits over adding noise to the published figures, but there are also drawbacks, mostly around that problem of keeping the results accurate enough to be useful.
Short Answer: no, because the attack on privacy of sensitive information relies mostly on the published figures, and as such, when the attackers try to find the plausible inputs, they find every person's fake, random data in addition to the real data from the rest of them. Privacy would still be violated for most persons; the noise must be implemented into the published figures, which fundamentally change everyone's most probable data in such a way as to be rendered incorrect to the attacker.
I already lie my age or date of birth in things that doesn`t matter such as hair dresser salon registration, forum registration, even facebook. So if you lie to US Census (in a way that you think it won`t matter) like saying you are 31 instead of 28 and then the US Census change that a little more, you get a bunch or wrong data all over.
I wonder how many minutephysics episodes have been scrapped because they couldn't think of a closing pun.
I bet 1 decillion
@@sagemccarthy4115 on what?
@@ggsap I'm pretty sure he meant that he bets 1 decillion videos have been scrapped
New census data: There may or may not be people in the USA.
The probability is 50-50 right ? Either yes there are people, and no there isn't 🤔🤣🤣
@@llllllllllllllllllllllllIIIIl1 Not necessarily, depends on how you acquire people. If you randomly blink people in and out of existence, the the probablility of "no" could get very low if possible cases include 10 people, or 300 people, or 129 people, or 2000000000 people... how likely would it be that you'd get to zero at some point?
@@R2Cv1 1/n
@@thinboxdictator6720 (That was rhetorical)
Shrödingers population
How I protect my privacy with math.
Step 1 I start doing math.
Step 2 Person approaches me and sees I'm doing math.
Step 3 They slowly back away
Step 4 Privacy!
Then one person is like “Oh cool! Privacy jitter calculations!”
So THIS is why I never get laid...
Instead of running away, you're approaching me?
I wanted to read your comment, but i saw the word "math", and then slowly backed away
Easier way: When the census takes place, don't answer your door or go away from home in a trip. Though the US loves a bit tyranny of its own, they can't fine thousands of people for not being at home at a certain moment in time. Problem solved!
Well now, it's neither a minute nor physics.
Been like that for a long time but I couldn't care less about title mismatch.. I am still getting my head around some of his vids when it was still minute (or two!) and physics!
hmm... are you really 31 or did you roll a dice an added it to your real age to confuse us...?
2 d20s baby!
Adam A wait he can be -9 yo?
@@Apersonl0l No, no, of course not. You multiply them!
Hmm... so we are left with a total of 6 possible answers. Great job Sherlock!
Actualy the math was wrong... it's around 21 possible answers... yikes
So they can jitter my census data to ensure privacy, but when I jitter my tax returns, all I'm ensuring is jail time? Doesn't seem fair
Unless you add positive amounts to it
also remember when Equifax didn't do their one job
That's a meaningless comparison.
Government is supposed to know accurate information about it's citizens that's needed to operate properly. And so it does. Data jittering is done for purposes of keeping individual privacy when publishing data to *public* (keeping privacy as in making sure that third-party can't restore individual data from published data, not as in keeping secrets from government).
Pretty sure they store correct census data of each individual for internal purposes as well.
@@niter43 Last time I checked I am part of the government too!! and I really hope this government "of the people, by the people, for the people, shall not perish from the earth"!!! But I also don't want us to be vulnerable to Nazi behavior. What if census form asked if you wanted your data jittered? (like a micro point system [+/- 1 PersonPoint]) If there was a way to do this then the more people who opt out of the jitter the more transparent our data can become, and, it can become this way democratically. We could some day brag that we are so proud and brave that we do not fear others being able to pinpoint us based on our demographics because, for example, those around us our neighbors and fellow citizens would stand up for our human dignity in spite of the differences between us.
@@MRDAVIDJHEMMINGER Um ... That sounds amazingly dangerous. Granted, I was one who was all for free access to information years ago - had an open Wi-Fi, used Linux, did all the things - then was accused of storing illegal stuff on my computer. Not a fun experience and one that pushed me to re-examine how well I knew my neighbors and how good an idea having Open Source stuff and sharing information really was.
End result, if I understood the video correctly, your vote to *not* 'jitter' your information can have the effect of allowing my information to be more easily discovered.
(As this whole video reminded me of those word problem set ups you do when trying to find out who of three people with red hair rode a bicycle and ate a pie in a six person neighborhood. I'm not good with maths, so I'm trusting y'all to keep me honest.) In the course of using your un-jittered information, my information is more easy to extrapolate. Basically, your freedom to share your information is also sharing my information, that I may not want out there.
I don't mind standing for human dignity. Nor do I really mind being part of certain kinds of scientific study. I do, however, mind being "voluntold" for a study I don't want to participate in just because someone else thinks it's a great idea. The freedom to *not* be included is also important and should be protected.
I don't feel a need to have to brag to my great-grandchildren about how "brave and proud" I was to allow social scientists access to my personal data. I can feel brave and proud through having actual accomplishments like doing a job well, or writing a book, or creating something artistic. Being part of a movement to end privacy and personal information from being shared with whomever can cough up the money to purchase access to census data is not on my List of Things To Do.
But thanks, anyway.
So basically Sudoku with census data and supercomputers.
more like Einstein's riddle or zebra puzzle, but on a contry-wide scale :)
@@Ranakastrasz It's*
@@Ranakastrasz puzzle*
@@Ranakastrasz or*
@@opsoc777 for*
beginning of video : citizenships
end of video : algebra and probability
and a nifty pun that almost ruined the sense of wonder
almost.
Read the name of the channel, might give you an idea
Its not that complicated
Highschool Students Everywhere: Algebra is stupid, when will I use this in life?
minutephysics: Well...
Actually, since we're looking for the slope at a peak it's more calculus. Derivatives are ez pz tho.
"And how do you protect your privacy?"
Nord vpn
Kevin Fontanari Only that those don’t really protect privacy but just move the problem.
This is a trailer for Henry's spinoff channel '12minutestatistics'.
As someone who actually publishes differential privacy research, I just would like to mention that a privacy budget of 30 is absurdly high; there are cases were a privacy budget of 30 would allow you to reconstruct someone's data with over 95% accuracy. On our research team, we would never consider a privacy budget above 5, and the gold standard was .01.
So how is this 30 split? Wouldn’t a higher number mean they have more to jitter the results?
Nine Tails yea, .01 means its basically the same as the original data. I think Monica Moniot is just trying to be smart
@@vermillion8521 Read that again. Privacy budget. That means how much privacy you can sacrifice. 0.1 is less than 30, therefore the first case has more privacy and less accuracy.
ty for the insight !
"I looked forward in time, I saw 14,000,605 futures."
"How many were plausible?"
"One."
Eoin Doyle Thanos should have jittered his time lines better.
I worked for the USCensus Bureau in 2005 or so, it was an interesting job, and we all took privacy and confidentiality very seriously. I hope all the men and women working on the 2020 census get to see this video.
The census is a very important tool for keeping our government fair and functioning, and even though it’s been politicized lately, I’m really glad people like Henry are talking about it. Good policies start with good data.
But aren't we (humans, or any other intelligent life) violating the Universe's privacy to understand it better and also create new stuff that is both good and bad?
They have already have all the information they need.
So perhaps the DMV shouldn’t be selling people’s data to PI’s...
What is a PI?
Klobi for President
Private Investigator I’m guessing
PIs*
You should take that up with your state government.
@@JorgetePanete (No, it's PI's)
(Case is for abbreviations, numbers, individual letters, etc)
congrats on getting married
Thomas Smith gitters
*jitter
Because of the jittering, we can only know that he has 1±1 spouses
@@cameronbigley7483 1:02
Congrats on liking ice cream.
Most people would take a shiny box in exchange for their privacy.
That’s what’s really scary.
You are so right... The census is nothing compared to the most intimate data corporations have on EVERYBODY
It's truly rare to see a public service announcement involving math. Nicely done!
This would have been a perfect video to be sponsored by nordvpn or dashlane
Kaspersky advertised on it.
Not sure how they engineered that, but I'm guessing Google was complicit.
And given that Google already knows way more about each of us than all those census records...
i can hear the segue in my head lol
stop
@@QlueDuPlessis Well it was probably by the tags/title I believe thats how ads are chosen. That's why you will sometimes get ads for something on videos hating on that product.
@@QlueDuPlessis Kaspersky advertised on _your_ view. That just tells us what Google thinks about you.
This has been literally been the best educational video I have seen this year on RUclips. Why? Because it gives a solution for how companies should act, that collect huge amounts of data! Thank you.
yeah. when selling this stuff they should only sell jittered data, and only averages (even if the source data could be partially reverse engineered). right now data sold to and between ad networks is even worse than un-jittered correlatable averages, it's often just a selection of stats that omits your name, completely bare for the companies to correlate themselves without even having to try and unpack anything first. they're all technically not selling identifiable data if they say "she's a girl and likes cats" but with enough overlap between the information sharing, you only need one ad network picking up your location from a web search and they can eventually tie that together so they know all your preferences, your age, where you live.. just not technically your name. of course that last step, getting the name, is one of the easiest
When you get sponsored by a literal department of the US government...damn.
Lol and not by nord vpn
I wish the government sponsored more quality shit that I like. Not McDs hamberder dinners for athletes and F-35s.
Only ONE allowed: peak or peek. Never the two shall meet.
Endor what about a peeking peak?
Moral, give him anything he gives u back MATH...EQ....and...ya...CATS......
*I LOVE HOW HE CAN ADD SCHRODINGER'S CAT TO EVERYTHING*
MATH:
Make
America
Think
Harder
#YangGang
Ironic your profile pic is american flag.
This is hilarious considering he just chickened out of the running
Me: Why the hell does anyone need privacy
Minutephysics: *ICECREAM*
First known census: 1086.
2019: "Oooo privacy!"
@@davidbechart7674 true
@@davidbechart7674
Funnily enough we know a census happened there at the time (more than one, actually) but we also know it cannot be the one the Bible describes, unless the Bible describes it incorrectly.
Well, there haven't been too many supercomputers around at 1086, have they?
@@klobiforpresident2254 Well maybe the bible scrambles tha data to ensure privacy /s
The census is authorized in the Constitution to count adults. But it is not authorized to collect information about their sex, race, income, sexual orientation, etc. So I always leave these blank on the census form. Leaving these out globally would increase the privacy of the census, without reducing its accuracy.
Exactly. The government is allowed to count people, nothing more. Every other demographic statistic is none of their business.
@@kevburgeryou cannot govern without knowing things about those whom you govern
This is something I am really interested in. I loved learning about combinatorics in college. I am certain that if we are going to continue to advance in technology at the rate that we are, we must revolutionize how privacy is handled. I am totally guilty of giving Google enormous amounts of information about my spending habits and hobbies, both willingly and unwillingly. I believe that the best way to create more accurate and advanced algorithms (especially with neural networks) is to "feed the beast" and as much data as possible; plus, I feel like I have nothing to hide. That being said, I am growing increasingly weary of who is getting their hands on that data and how it is being used.
“We’ve implemented complex mathematical algorithms to protect our data”
Russian hacker: im about to end this mans whole career
Certainly an odd sponsor, but amazing video nonetheless!
I would be happy if every government agency did things when they're doing public outreach. Plenty of science agencies, especially NASA, have been doing this for years.
Hands down, one of the best creators on the internet!
One of the most remarkable videos you've made IMHO. Thanks for all your hard work in explaining things.
The Level of alliteration in this video is remarkably satisfying! !
See math is everywhere, you can't run from it...
Even after being the President
😥😥
but he is president ... and you are not
Wago Howard He dropped out LOL
So I can tell that I am 5 years less or more than 13.
So I am 18 technically and 8 also so I can play 18+ games
@foolish fellow OK bro
Actually, no. Jittering is for privacy reasons, not evidence - based ones. If your age is 13 +/- 5 years , there's no solid evidence that you're old enough to buy a game and you probably won't be able to buy it.
You're sacrificing your ability to buy anything at or below your age to protect your privacy - but that's your call to make :)
@@chatboss000
Even worse, he could claim to be 22±5 and he couldn't buy those games. Sorry privacy conscious 26 year old OP.
Hmmm thats not right duh
Adam Smith was one of my professors in grad school. I really enjoy this topic; thanks for covering it!
The summary at the end of this video is absolutly wonderful. the whole video was great but dense and the summary helps contain it all.
Nice explanation of the importance of considering the repercussions de-anonymization algorithms.
In my opinion, the concern with privacy isn't that everyone can know an individual's information; it's that single large groups can know disproportionately large amounts of information about large quantities of people. I believe if one group can access not-necessarily-sensitive data like my age and sex, then everyone should be able to as well.
And this lads is now called Minutephysics' uncertainty principle
12-minute physics
These longer videos require more attention but you definitely get more accurate info. I wish this guy could release videos more often
it's nice to know that at least someone in the government cares about our privacy
Thanks you for this video, minute physics! I have started watching this channel since middle school, back then most of the videos were about physics. Now as a senior in college, I have found differential privacy as one of my research interests. I am really grateful and surprised to see this excellent expository video on DP, from a channel I loved as a kid!
Although I am reluctant for huge descriptive statistics for demographics on the census for people who are still alive. Yet, the census is a massively important document for ancestry and family history documenting and discovery. The more information that is on the census, the more accurate you can find your family. It’s important. Even though it can be concerning when people get ahold of this census early.
It should be noted that the census doesn’t release a census for 50 years after. So the 1970 census isn’t even publicly available yet.
I don’t know why but I got halfway through your comment before realizing it was _not_ a brilliant riff on “I am the very model of a modern major general”.
Very disappointed, two stars.
Honestly though, someone could figure out way more information about you by data mining your public internet accounts. And with internet accounts there is far more relevant data at stake; like your mother’s maiden name could be found through inference from facebook posts, or the bank you use could be found from pictures, GPS data, or off hand comments. That’s with a few more questions would be enough to change the password on your bank account and wire money out. It probably would even use less processing power than bitcoin.
Aaaannnnd you need the 1970 census to find your gammy?? Ah, diddums...
You use the census for that? What happened to the ancestral chart, registrar's office and family bible?
@@greenredblue I am already trying to figure a way to get that song out of my head. "I've information vegetable, animal, and mineral; I know the kings of England, and I quote the fights historical, from Marathon to Waterloo, in order categorical." Argh. Double Argh.
Thought this was going to be yet another video on encryption and was pleasantly surprised. Nice work!
I think cats at Minuit Physics is evolving at an alarming rate... THE AGE OF CATS ARE UPON US!
I for one welcome our new furry fuzzball overlords.
@@klobiforpresident2254 go see a doctor!
9:21 Henry, that's not how seesaws work. If one side goes up the other goes down.
That's only Euclidean seasaws.
Sounds to me that bayes theorem against a random chance of false data can come in handy. Similar to asking people if they do something that is specifically embarrassing without knowing whether they actually do that specific thing....by having them roll a die or flip a coin to answer the question (a flip of heads means "answer truthfully" and a flip of tails means "always answer yes", leads far more people to answer honestly without the test taker knowing if it's true).
So if you give everyone say a 10% chance of false data at a 50% range, then you end up with only a 5% draw down on the overall survey without revealing much information individually.
I love the new longer format, I wasn't really sure I was watching minutephysics
Rigorously perfectly balanced, as all things should be
Privacy, what is that? 😀
The opposite of china
Dead.
@@holypython4418 and google
Oh you wouldn’t know, your pfp looks like its taken from your facebook
@@sodiboo it's*
The thing is that in nearly any given community epsilon is soooo small as to be practically unusable. I worry that this video will leave many thinking that we're dealing with epsilons that have useful value beyond being intellectually stimulating. I'm glad we're implementing matrix smoothing, but for everyone else who doesn't understand the math, there's nothing for you to worry about and you should really complete your census. Us nerds are busy battling privacy concerns long long before they should be of concern for people who aren't mathematicians.
Information theory was the hardest class in my MS but I got a lot out of it. I think everyone should learn the stats that were talked about in this video, it really grants a useful perspective.
What's MS?
Trurl master of science
@@willis936 What subject? Statistics? I did a bachelor's degree in computer science and we never had a a class on information theory. It just popped up a tiny bit in the context of error correction algorithms. Our class on theoretical computer science focused on formal languages, computability, and complexity -- information theory wasn't mentioned once.
Trurl Electrical engineering. Information theory is likely only an undergrad course for math majors (and is likely optional in most programs). It would be an optional grad course for EE, CS, and (probably) physics. For the practice of computer science (and not just programming), information theory isn’t terribly relevant, but it is necessary for a lot of practical applications (compression and encryption).
@@willis936 Sounds interesting. Encryption is unfortunately a topic we also skipped. Since I'm using Bayesian probability theory (in philosophy, not computer science) I noticed the relevance of information theory. Hard to get into it by your own, unfortunately.
When Minnesota is mentioned as an example. 1/50 odds. I'm buying a lotto ticket TODAY!
hey guys, my age is 50 +/- 50 years old, and I'm either Male or Female.
Through my incredible computational power of passing through your RUclips profile, I've narrowed the scope to being a male in your 20's.
Mwahaha!! Your privacy has been reduced.
Max Haibara youre 25 years old male.
Minutephysics posts a video which is about math, and which lasts 12 minutes.
Me: Cool, that is what I subscribed for(no sarcasm)
Oh hey, it's one of my favorite channels, TwelveMinuteMath
Brilliant demonstration and discussion of data privacy. Thank, and great job!
"Prominence of peaks on the possibility plot"
I love seeing how this shakes out in extreme cases like the dying towns that are down to a population in the single digits. The one single-person town that I know of infamously has a census population of "2" because of this jitter but obviously ALL data from that town is that one woman with jitter applied.
I would love to see a video on the prisoner's dilemma.
This is a topic from game theory, but he is a physicist. Then again, he could work with experts as in the current video.
This is the most comprehensible minutesphysics video ever. Did somebody tell you to summarize your points like... three times in this video? (Very unlike your previous videos)
Assuming there was no jitter, how much computing power would it take to get any remotely useful privacy-violating information out of the Census?
Great video! Thanks
Question: Do you know if these models take into account the noise inherently present in any data collection, especially on this scale?
I.e., assuming even zero perturbation of the data, the knowledge you get from it is still a proxy of the real information (due to human errors, intentional misinformation, etc.), so taking that into account might give you some leeway in your "privacy budget". Maybe this can be modeled as an increase in budget without harming privacy?
Just a thought :)
In Sweden, if you ask the government, you can get a list of the citizens of Sweden with where they live, what they earn, the Swedish form of social security number etcetera. Much information is public.
It’s nice to see sponsorships by things other than corporations. At least, not directly the same.
I do not rely on my government to jitter my data. I'm capable enough of doing it myself. But thank you for the idea of randomizing how much I deviate from the truth.
But... can't you extrapolate private information from previous non-rigorously-scrambled census data?
yes, but we gotta start sometime right?
@@harpiesd96 Right. I just wonder if the "averaging the noise" at 7:38 applies to scrambling within the same census, or across time. Similarly, if the "privacy loss budget" applies across time. Unlike your password, which you can change, if census data has been "leaked" anytime in the past, the privacy will be forever lost unless that person dies. Otherwise "15 yrs old male black arab" will be "20 yrs old male black arab" 5 years later.
Differential privacy actually addresses this issue quite neatly: All the 'plausibility' stuff is always formulated in terms of changes between prior beliefs (what an attacker already knew before we released our answer) and posterior belief (what he thinks is plausible now, knowing our answer). So while the 2020 census obviously cannot undo any privacy loss from previous years, it will guarantee that even someone who did attacks on previous years will learn (very close to) no additional information about anybody from the 2020 census.
Sure, it's not perfect, but you can't undo information leakage, no matter how much jittering you add to the new census ;) At least this formal thing guarantees that it won't help make attacking the old stuff easier and that you will learn basically nothing additional about the data.
"Don't get into those maths. Maths has not helped Einstein discover gravity"
To whoever said that(maybe not you): So? Math helped with about ten quadrillion things. I’m also pretty sure math helped discover gravity, so joke’s on you
Perceiving Physics Persons Percolated Preparations Postulating Possible Probablistic Privacy Problems Passified Personal Passion Pertaining Principled Privacy Process.
Database reconstruction theory is used in mechatronics to determine the state variables of a system given limited sensor information.
USA: We go through a lot to ensure the privacy of our citizens.
Sweden: We don't do that here.
I feel smart now! Truly underrated channel. It deserves more.
Back again after 4 years
The thing that sucks about this is that some people don't for some reason care about privacy when it's from something faceless like a survey or Google
Halfway through the video I was actually thinking of this as a "hold up, is this a lead to the HUP?" until jittering came in, which of course just cancelled out that thought entirely.
This video is awesome. Complicated statistical concept made much easier to understand. Thank you!
When it comes to jittering figures, "When you do things right, people won't be sure you've done anything at all"
Why does privacy matter so much in this regard? It's not like there's any sensitive information in it.
The last bit of the video was completely normative. I say this as someone torn between my love of privacy (introvert with trust issues here) and my love for mathematical accuracy.
The thing is, the actual results of the census are published after 72 years. This means the actual results from the 1950 Census will be released in 2022. So the results of the 2020 Census will be released in 2092.
Wow, we protect our privacy by Making America Think Harder!
This is quite interesting. I am from Sweden, and here you an find out how much tax everyone pays, their phone number, where they live, who they live with, what car they have, what pets they have, what companies they are involved in etc. Its all public.
i like the last part about surveys. i am currently in university and i have never heard about that happening. i study a social science so we make and also take part in studies and surveys.
now i think most of them could be traced back to each individual, including me.
also i think we should force online surveys to do that kind of stuff.
when youtube algorithm forces minutephysics to make a 10 min video to be promoted on the recommendation
Today, I learned that there were 11 people in the U.S. in 1990, 13 in 2000, and 14 in 2010. /s
My thesis paper was on differential privacy 3 years ago. I wish this video came earlier. :D
I like the old style, very good
2:45 "hiMOmIluvYou"
XD i just died laughing at that
A problem I see with this is that a lot of the useful information we gain from the survey is by looking at the evolution of data, compared to previous census. But in the end you might just be looking at random noise
Ok now send this video to everyone who had their DNA analyzed by a company
This.
I was tempted until I realized that once that information is known, it can never be 'unknown'. And it's only a matter of time until someone somewhere starts requesting it as part of something else. I might sound paranoid, but I'd like to know why someone wants certain information about me, other than that required by my doctors in treating my health.
I'm reluctant to, but I need to do it for medical reasons and the companies are the easiest way to do it
1:40 holy cow i wish I lived in a world where roughly a fourth of the population is trans or nonbinary, that would be a lovely gender distribution. Much love from your trans audience
Is jittering the only tool census takers have at their disposal for protecting privacy? What other (mathematical) methods have been explored?
Politicians: show inaccurate data to gains votes.
People: how can you lie to us?
Politicians: but... but I protected your privacy.
Good computer security pretty much boils down to a mathematical solution too. With the exception of a someone with physical access to the computer and knowledge of the password.
So what I learned from the video is that the ultimate privacy-violating hacker attacker is a stick figure cat.
What if each participant writes a random value which is then used to introduce noise to each census (their own or of a different participant)? This wouldn't introduce enough random noise that the final results will be both accurate and impossible to reverse with 100% accuracy? Kinda like one-way encryption
It's a valid option, although in practice you'd probably get the Census Bureau to do that to the data before they calculate what they publish. It's got some benefits over adding noise to the published figures, but there are also drawbacks, mostly around that problem of keeping the results accurate enough to be useful.
Short Answer: no, because the attack on privacy of sensitive information relies mostly on the published figures, and as such, when the attackers try to find the plausible inputs, they find every person's fake, random data in addition to the real data from the rest of them. Privacy would still be violated for most persons; the noise must be implemented into the published figures, which fundamentally change everyone's most probable data in such a way as to be rendered incorrect to the attacker.
I was thinking more in lines of entropy, but ok.
Yay! My favourite channel, 12minutemaths has uploaded a new video!
(I do actually love the video, I’m not hating, I just think it’s funny.)
I already lie my age or date of birth in things that doesn`t matter such as hair dresser salon registration, forum registration, even facebook. So if you lie to US Census (in a way that you think it won`t matter) like saying you are 31 instead of 28 and then the US Census change that a little more, you get a bunch or wrong data all over.