Introduction

Explainability can leak training data: "This applicant was approved because similar approved applicants have characteristics A, B, C" may reveal training data characteristics. Differential privacy—adding mathematical guarantees that individual data points cannot be inferred from outputs—enables explanations without privacy leakage.

Differential Privacy for Explanations

When explaining predictions, add noise to protect individual privacy. For example, "Most approved applicants have income > $50k" becomes "Most approved applicants (within margin of error ±5%) have income > $50k." Noise prevents identifying specific individuals from explanations. Trade-off: noise reduces explanation utility; design trade-off appropriately.

Implementation

Use differential privacy libraries (OpenDP, TensorFlow Privacy) to add noise to explanations. Specify privacy budget (epsilon): smaller epsilon means stronger privacy but less useful explanations. Higher epsilon means more useful explanations but weaker privacy. Choose epsilon reflecting privacy requirements.

Conclusion

Differential privacy enables transparent explanations while guaranteeing individual data privacy, meeting both transparency and data protection obligations.