Abstract

The chapter begins by discussing the concept needed before embarking on such a task (Section 13.1.1), highlighting the importance of defining the unit of privacy, understanding the attack model, and setting accuracy requirements. We then delve into the methods and tools available for centralized training, examining their strengths, weaknesses, and practical considerations (Section 13.2). Therein, we also consider federated learning and discuss its methods, privacy implications, and the challenges it presents. Finally, in Section 13.4 we address the crucial aspect of privacy testing and evaluation and provide insights into potential vulnerabilities to help practitioners understand the effectiveness of their privacy-preserving strategies. The goal of this chapter is to equip practitioners and researchers with the knowledge and tools necessary to implement differentially private machine learning effectively, balancing privacy protection with utility and performance.