
Decennial Disclosure: An Explainer on Formal Privacy and the TopDown Algorithm

2022-09-29, Urban Institute

RESEARCH REPORT

Decennial Disclosure
An Explainer on Formal Privacy and the TopDown Algorithm

Claire McKay Bowen, Aaron R. Williams, Madeline Pickens
September 2022

RESEARCH METHODS AND DATA ANALYTICS

ABOUT THE URBAN INSTITUTE

The nonprofit Urban Institute is a leading research organization dedicated to developing evidence-based insights that improve people’s lives and strengthen communities. For 50 years, Urban has been the trusted source for rigorous analysis of complex social and economic issues; strategic advice to policymakers, philanthropists, and practitioners; and new, promising ideas that expand opportunities for all. Our work inspires effective decisions that advance fairness and enhance the well-being of people and places.

Copyright © September 2022. Urban Institute. Permission is granted for reproduction of this file, with attribution to the Urban Institute. Cover image by Tim Meko.

Contents

Acknowledgments
Decennial Disclosure
Introduction to the 2020 Census and Data Privacy
Data Privacy Definitions and Terminology
Data Privacy Methodology Workflow
Introduction to Formal Privacy
Formal Privacy
Differential Privacy and Other Formally Private Definitions
Privacy-Loss Budget
Global Sensitivity
Gaussian Mechanism
Models of Differential Privacy
Introduction to 2020 Disclosure Avoidance System
Privacy and Utility Measures
Statistical Disclosure Control Method
Takeaways and Ongoing Challenges
Notes
References
About the Authors
Statement of Independence

Acknowledgments

This report was funded by the Tableau Foundation. We are grateful to them and to all our funders, who make it possible for Urban to advance its mission. The views expressed are those of the authors and should not be attributed to the Urban Institute, its trustees, or its funders. Funders do not determine research findings or the insights and recommendations of Urban experts.
Further information on the Urban Institute’s funding principles is available at urban.org/fundingprinciples.

The authors thank the following individuals who generously provided invaluable feedback that greatly improved this explainer:

• Constance Citro, Senior Scholar, Committee on National Statistics at the National Academies of Sciences, Engineering, and Medicine
• Ron Prevost, Research Professor, Massive Data Institute, McCourt School of Public Policy at Georgetown University
• Leslie Reynolds, Research Support Specialist, Program on Applied Demographics, Cornell Jeb E. Brooks School of Public Policy
• Joseph Salvo, Fellow, Social and Decision Analytics Division at the University of Virginia Biocomplexity Institute
• Meghan Stuessy, Analyst, Government Organization and Management at Congressional Research Service
• David Van Riper, Director of Spatial Analysis, Institute for Social Research and Data Innovation at the University of Minnesota
• Jan Vink, Extension Associate, Program on Applied Demographics, Cornell Jeb E. Brooks School of Public Policy
• Izzy Youngs, Research Specialist, Massive Data Institute, McCourt School of Public Policy at Georgetown University

Decennial Disclosure

Although collecting more and better data can provide great benefits to society, such as furthering medical research or targeting investments to those most in need, data privacy concerns surface from those charged with protecting data when that information can be de-anonymized and used maliciously. For example, the US Census Bureau conducted a simulated attack on the 2010 Decennial Census and discovered they could reidentify about one-sixth of the US population using publicly available data (such as name, sex, and age) from external sources, like public social media profiles (Leclerc 2019).
This type of attack on the 2020 Decennial Census has the potential to be even more disclosive because of the detailed information collected, such as more race and ethnicity categories, that could lead to more individuals being identified with great specificity.

The reconstruction attack results and the more detailed information available in the decennial census motivated the Census Bureau to update their Disclosure Avoidance System (DAS) from traditional statistical disclosure control methods to a formally private method—the TopDown Algorithm—for the 2020 Decennial Census. However, this drastic change in how data privacy and confidentiality were defined for the 2020 DAS caused significant friction between the US Census Bureau and census data users. For instance, leaders from states, counties, cities, and towns rely on census data for school planning, budgeting, social program provisions, redistricting, revenue sharing, and a multitude of other statutory requirements. These data users want more accurate data at granular geographic areas and fear that the updated DAS will lead to incorrect public policy decisions.

This explainer aims to help readers better understand what formal privacy is and how the TopDown Alg