Transparent Privacy is Principled Privacy

Differential privacy revolutionizes the way we think about statistical disclosure limitation. A distinct feature of differential privacy is that the probabilistic mechanism with which the data are privatized can be made public without sabotaging the privacy guarantee. In a technical treatment, this paper establishes the necessity of transparent privacy for drawing unbiased statistical inference for a wide range of scientific questions. Uncertainty due to privacy may be conceived as a dynamic and controllable component from the total survey error perspective. Mandated invariants constitute a threat to transparency when imposed on the privatized data product through "post-processing", resulting in limited statistical usability. Transparent privacy presents a viable path towards principled inference from privatized data releases, and shows great promise towards improved reproducibility, accountability and public trust in modern data curation.