<a href="https://colab.research.google.com/github/mcutchlow/mcutchlow/blob/main/data-ethics-pa.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

###### University of Chicago
###### DATA 25900: Ethics, Fairness, Responsibility, and Privacy in Data Science, Spring 2023
###### Course Staff: Raul Castro Fernandez, Zhiru Zhu

# Part 1: Inferential Statistics

## Problem 1.1

A financial auditor is assessing the risk that different individual institutions across the country have taken while
giving grants to people. The auditor uses an opaque, inaccessible machine learning model. They have applied this model
to 10,000 records of loan data that represent loans made to adults in the US. It is unclear to us how the ML model
works. All we know is that the model takes as input a row of the table and produces a label (`ml_risky_pred`) whose
possible values are 1, 0, or -1. A value of 1 indicates that a loan was given to a person classified as 'risky'.
A person classified as 'risky' is one who is not likely going to repay the loan according to the ML algorithm.
A value of 0 indicates that the loan is not risky and that the person who received it is likely to repay the loan.
In addition, in some cases the model produces a -1, which is to be interpreted as 'prediction unavailable'.
From the perspective of a financial institution being assessed by this auditor, it is in their interest to have few
loans that were granted to 'risky' people. That indicates that the companies' own risk models are working well.
From the perspective of a state, it is in their interest that few financial institutions in their territory have
granted few loans to 'risky' people. Doing so promotes economic stability.

In `loans_data.csv`, you have all loan data available, along with the label provided by the black-box ML model. There is an accompanied documentation (`loans_data.md`) explaining what each attribute means.

In [None]:
import pandas as pd

loan_data = "data/Part1/loans_data.csv"
df = pd.read_csv(loan_data)
df

Unnamed: 0,emp_title,emp_length,state,homeownership,annual_income,verified_income,debt_to_income,annual_income_joint,verification_income_joint,debt_to_income_joint,...,issue_month,loan_status,initial_listing_status,disbursement_method,balance,paid_total,paid_principal,paid_interest,paid_late_fees,ml_risky_pred
0,global config engineer,3.0,NJ,MORTGAGE,90000.0,Verified,18.01,,,,...,Mar-2018,Current,whole,Cash,27015.86,1999.33,984.14,1015.19,0.0,0
1,warehouse office clerk,10.0,HI,RENT,40000.0,Not Verified,5.04,,,,...,Feb-2018,Current,whole,Cash,4651.37,499.12,348.63,150.49,0.0,1
2,assembly,3.0,WI,RENT,40000.0,Source Verified,21.15,,,,...,Feb-2018,Current,fractional,Cash,1824.63,281.80,175.37,106.43,0.0,0
3,customer service,1.0,PA,RENT,30000.0,Not Verified,10.16,,,,...,Jan-2018,Current,whole,Cash,18853.26,3312.89,2746.74,566.15,0.0,0
4,security supervisor,10.0,CA,RENT,35000.0,Verified,57.96,57000.0,Verified,37.66,...,Mar-2018,Current,whole,Cash,21430.15,2324.65,1569.85,754.80,0.0,0
...,...,...,...,...,...,...,...,...,...,...,...,...,...,...,...,...,...,...,...,...,...
9995,owner,10.0,TX,RENT,108000.0,Source Verified,22.28,,,,...,Jan-2018,Current,whole,Cash,21586.34,2969.80,2413.66,556.14,0.0,0
9996,director,8.0,PA,MORTGAGE,121000.0,Verified,32.38,,,,...,Feb-2018,Current,whole,Cash,9147.44,1456.31,852.56,603.75,0.0,1
9997,toolmaker,10.0,CT,MORTGAGE,67000.0,Verified,45.26,107000.0,Source Verified,29.57,...,Feb-2018,Current,fractional,Cash,27617.65,4620.80,2382.35,2238.45,0.0,0
9998,manager,1.0,WI,MORTGAGE,80000.0,Source Verified,11.99,,,,...,Feb-2018,Current,whole,Cash,21518.12,2873.31,2481.88,391.43,0.0,0


#### 1.1.1: Suppose the dataset contains all relevant loans, i.e., the entire population of loans in the US. What's the percentage of current loans granted in Illinois that are risky? How does that compare with the whole US? If you find missing values, you can report them separately and you do not need to deal with them in this case.
(*Note:* `Current` is a one of the categories of attribute `loan_status`; check the documentation for more info).

#### 1.1.2 Suppose the dataset does not represent all relevant loans, but instead only a sample of them. Repeat 1.1.1, but now knowing that the loans are a sample of the total population of loans.

#### Regardless of reality, your boss wants to make the claim that the percentage of current risky loans in the state of Illinois is much lower than those deemed risky in the entire US. They want to take advantage of the situation to claim that financial institutions in the state of Illinois have better risk management than other states' institutions. Regardless of whether this claim is accurate and justifiable, the analyst produced the code you see below to make the point. Take a look at the code the analyst wrote:

In [None]:
population = df[(df['state'] == 'IL') & (df['loan_status'] == 'Current')]['ml_risky_pred']

In [None]:
sample_size = 50
for i in range(500000):
    sample = population.sample(sample_size, replace=False)
    num_risky_loans = sum(sample)
    if num_risky_loans <= 10:
        print("Found it: ", str(num_risky_loans))
        break

Found it:  10


In [None]:
sample_proportion = num_risky_loans / len(sample)
sample_proportion

0.2

In [None]:
# random sample, so independence condition holds
# testing success-failure condition (using the null value)
mean = 0.5
condition_one = sample_size * mean
condition_two = sample_size * (1 - mean)
condition_one > 10 and condition_two > 10

True

In [None]:
import math
# standard error of normal distribution for the p-value
se = math.sqrt((mean*(1 - mean)) / sample_size)
se

0.07071067811865475

In [None]:
# If the null hypothesis is true, then the null distribution follows a normal with:
# mean = 0.5
# se = 0.07

In [None]:
# Our point estimate is 0.2. We now find the tail area for that one

In [None]:
z = (sample_proportion - mean) / se
z

-4.242640687119285

In [None]:
import scipy.stats

# find p-value for two-tailed z-test
p_value = scipy.stats.norm.sf(abs(z))*2
p_value

2.2090496998585445e-05

In [None]:
p_value < 0.05

True

#### 1.1.3 The analyst claims they can reject the null hypothesis because p < 0.05. Furthermore, they defend they used a random sample so the independence condition holds. They use this evidence to claim that the percentage of risky loands in IL is lower than elsewhere. Having studied the code, provide a list of bullet points with the problems you see and that you would communicate to a decision maker to persuade them *not* to use this analysis.

#### 1.1.4 What if you did not have access to the code or the data? Instead the analyst tells you that they found significant evidence that the number of risky loan in Illinois is below the national average. What would you have to do to test that claim?

## Problem 1.2

An analyst has run a number of experiments and obtained the following p-values for each. Correct for multiple comparisons using Bonferroni methods and False Discovery Rate. Assume alpha = 10%. *In this case, we ask you to write the code yourself, as opposed to using an existing library.*

In [None]:
p_values = [0.004, 0.44501577, 0.74140679, 0.0003, 0.0040743296,
       0.40743933, 0.94285637, 0.00158846, 0.31936529, 0.70628362,
       0.3215325 , 0.32070448, 0.5955953 , 0.02785609, 0.04227114,
       0.28696007, 0.0057042, 0.6233334 , 0.18193275, 0.07893028,
       0.00928628, 0.41068771, 0.5269194 , 0.077115  , 0.00308907,
       0.54416113, 0.12486744, 0.64642929, 0.27404033, 0.38526039,
       0.27368472, 0.96800706, 0.49461555, 0.14509363, 0.0461658,
       0.0007261, 0.58272264, 0.02501718, 0.09205833, 0.57803194,
       0.76988452, 0.5680329 , 0.45396565, 0.38166771, 0.06963406,
       0.23581046, 0.3225289 , 0.8547721 , 0.63443332, 0.03894686,
       0.62706277, 0.35008823, 0.24922772, 0.72962402, 0.84872948,
       0.82414566, 0.20067363, 0.37857999, 0.62977724, 0.0005504,
       0.31590734, 0.4263561 , 0.0009078, 0.00180797, 0.79175501,
       0.9124886 , 0.47129693, 0.84219809, 0.64118798, 0.25942479,
       0.00109813, 0.93798016, 0.48571054, 0.94116676, 0.00439978,
       0.79443381, 0.53468295, 0.38246722, 0.53655595, 0.02342969,
       0.41306335, 0.63949623, 0.003028193, 0.30213487, 0.20940324,
       0.30791922, 0.82000972, 0.62882809, 0.0021391 , 0.69611787,
       0.005386676, 0.83363883, 0.24132303, 0.37158356, 0.34748915,
       0.07166326, 0.61643089, 0.00097506, 0.00103997, 0.4072646]

#### 1.2.1 If alpha = 10%, how many experiments would correspond to a discovery (without correction)?

#### 1.2.2 Correct for multiple comparisons using **Bonferroni correction**. How many discoveries you made after the correction and what are the correspondng p-values?

#### 1.2.3 Correct for multiple comparisons using **Holm-Bonferroni correction**. How many discoveries you made after the correction and what are the correspondng p-values?

#### 1.2.4  Correct for multiple comparisons using **False Discovery Rate**. How many discoveries you made after the correction and what are the correspondng p-values? Assume the maxinum false discovery rate Q to be the same as alpha.

#### 1.2.5 Comment on your observations. How do these three methods compare with each other?

# Part 2: Dealing with Missing Data

A self-driving company is testing a new concept for a self-driving car. As part of the pilot test, there is a human inside the vehicle every time the vehicle goes on for a trip. The vehicle is equipped with sensors that collect different data streams. Every time a trip is over, a computer collects data from the vehicle's sensors and some input from the human. The resulting dataset is then loaded into a database, where it becomes available for analysis to other data scientists downstream.

The data scientist who used to work with the database has left the company. Coincidentally, the database is down, so you cannot access it directly. Fortunately, the previous scientist did a good job in hardening the *pipeline* and there exists a backup copy of the database as a csv file (`travel-times.csv`).

Before leaving, the previous data scientist left a brief note: "there are some missing values in this dataset".

#### 2.1 Load the dataset `travel-times.csv`. How many cells have a missing value? Note the pipeline of stages here, from the moment where the data is generated to the moment where it gets to you is a bit more complex than in the past. Think carefully about what may go 'wrong' while the data flows through that pipeline.

#### 2.2 We want to understand what is a typical distance travelled. We know the car reliably measures the 'Distance' travelled in kilometers. This data, however, cannot be directly fed into the database, so the analyst reads it and inputs it manually. However, the analyst apparently forgets inputting the data sometimes, leading to some missing values. Before analyzing the results, fix the data in the 'Distance' column using the following methods:

##### 2.2.1 Fix 'Distance' by dropping missing values.

##### 2.2.2 Fix 'Distance' by using LOCF (last observation carried forward) hot-deck imputation.

##### 2.2.3 Fix 'Distance' by using mean imputation.

##### 2.2.4 Fix 'Distance' by using multiple imputation. We suggest 'MICE', which has an implementation (IterativeImputer) with sklearn, [here](https://scikit-learn.org/stable/modules/generated/sklearn.impute.IterativeImputer.html#sklearn.impute.IterativeImputer)

#### 2.3 All the above methods are common ways of dealing with missing values. Step back and concentrate on the original problem in 2.2. How would you fix the missing values? Which approach would you choose if you had to show this data to a decision-maker and you want to make the case that you have a reasonable and *interpretable* method? (You cannot drop values in this case and you may think of approaches beyond the ones in 2.2.1 - 2.2.4).

#### 2.4 After deciding an imputation strategy, how would you present the 'fixed' dataset to the decision-maker? Note the decision-make may use the dataset directly, or have more components of a pipeline in use. Create the dataset you would present the decision maker and show it here along with a brief description of what you did.

# Part 3: Intro to ML

## Problem 3.1 - Supervised Machine Learning

#### Machine learning starts with data. For this assignment we will be using the UCI income dataset `train.csv`. This is data collected from the US census in 1994. It contains demographic data paired with information about whether the person in the entry has annual income over $50,000. While this data is of questionable use for solving data science problems (why?), it is commonly used as a benchmark for machine learning tasks. You can read about what each of the variables in the dataset means [here](http://archive.ics.uci.edu/ml/datasets/Census+Income). 

#### 3.1.1  Before we use this data we'll need to do some preprocessing. First you need to handle missing values. In this case you can simply drop them.

#### In addition to making sure that the numeric data is properly encoded, there are several categorical variables in this data set. For example, ``workclass`` contains information about what sector each person is employed in. If we encode this by saying that State-gov=0, Self-emp-not-inc=1, etc. certain kinds of models (e.g. logistic regressions) will treat this as a statement that there is an *ordering* of these variables. The way to avoid this is by doing something called [**dummy-coding**](https://stats.idre.ucla.edu/other/mult-pkg/faq/general/faqwhat-is-dummy-coding/). Use pandas [`get_dummies`](https://pandas.pydata.org/docs/reference/api/pandas.get_dummies.html) API to convert all categorical columns into dummy coded columns.

#### 3.1.2 This is technically enough processing to build a model. Lets start by using the Python library Scikit-lean (*sklearn*) to create a [Random Forest Classifier](https://scikit-learn.org/stable/modules/generated/sklearn.ensemble.RandomForestClassifier.html). This classifier should predict whether a person has an income above $50,000. Carefully examine and modify the code below based on the comment:

In [None]:
from sklearn.model_selection import train_test_split

In [None]:
# change df_dummy to the dataframe with dummy coded columns you created in 3.1.1
X = df_dummy.drop("income_>50K",axis=1)
y = df_dummy["income_>50K"]

In [None]:
X_train, X_test, y_train, y_test = train_test_split(X, y, test_size=0.2, random_state=101)

In [None]:
from sklearn.preprocessing import StandardScaler
from sklearn.ensemble import RandomForestClassifier
from sklearn.model_selection import GridSearchCV, KFold
from sklearn.metrics import accuracy_score

In [None]:
def platform_preprocess(X_train, X_test):
    # preprocess data
    scaler = StandardScaler()
    scaled_X_train = scaler.fit_transform(X_train)
    scaled_X_test = scaler.transform(X_test)
    return scaled_X_train, scaled_X_test

def platform_train_process(X_train, y_train):    
    # model selection and training
    parameters_for_testing = {
    "n_estimators"    : [100,150,200] ,
     "max_features"        : [3,4],
    }
    model = RandomForestClassifier()
    kfold = KFold(n_splits=10, random_state=None)  
    grid_cv = GridSearchCV(estimator=model, param_grid=parameters_for_testing, scoring='accuracy', cv=kfold)
    result = grid_cv.fit(X_train, y_train)
    print("Best: {} using {}".format(result.best_score_, result.best_params_))
    
    # model training
    tuned_model = RandomForestClassifier(n_estimators=result.best_params_['n_estimators'],
                                         max_features=result.best_params_['max_features'])
    tuned_model.fit(X_train, y_train)
    
    return tuned_model

def platform_test_model(model, X_test, y_test):
    # prediction on test data (benchmark)
    predictions = model.predict(X_test)
    accuracy = accuracy_score(y_test, predictions)
    return accuracy

In [None]:
pp_X_train, pp_X_test = platform_preprocess(X_train, X_test)
# train
model = platform_train_process(pp_X_train, y_train)

In [None]:
# test
accuracy = platform_test_model(model, pp_X_test, y_test)
print("Acc: " + str(accuracy))

#### What does the function `train_test_split` do and why should we use it? Report the train and test accuracy that were printed and interpret them in a few sentences.

#### 3.1.3 There are many different kinds of models you can use (e.g., decision tree, logistic regression, neural network) to build a classifier. Scikit-learn implements many of the most popular model classes. Pick one other model class and train a supervised learning model you believe to be reasonably generalizable using the same data. If you've never built models before, feel encouraged to do some searching through the Scikit-learn documentation or other tutorials to see how to build other models. Note that you may need to apply some transformations to the data depending on the model class you choose and you need to use some form of cross validation to prevent overfitting. Report metrics such as train / test accuracy. How does it compare to random forest classifier above?

# Part 4: Fairness and Interpretability


For this assignment we will be using the UCI income data set (`income.csv`) that you used in Part 3 with few additional columns. As you may recall, this is data collected from the US census in 1994. It contains demographic data paired with information about whether the person in the entry has annual income over $50,000.

In this dataset, some variables are considered "sensitive attributes" (protected attributes in some cases). These are generally regarded as inappropriate bases on which to make decisions because of the potential for discrimination.

**Before you start:** Make sure you understand the concept of a function, and that you can use it. We provided instructions in PA 0 with a few links to resources you can use to learn what these are. In this part, you should use them extensively. If you don't, you'll find yourself spending a long amount of time writing long, tedious Python code. If you use them effectively though, you'll find yourself *reusing common functionality across problems* and saving a lot of time as a consequence. 

**You can use libraries, such as [fairlearn](https://fairlearn.org), to compute the fairness metrics, but make sure you understand how the metrics are computed and how to use the relevant APIs with the right input and output.**

#### 4.0 We'll be working with the *two* models from Part 3 (the random forest model we gave you and the alternative one you built). Retrieve those (as functions or replicate your code here), and ensure you can read/preprocess the data, train them, and make inferences. You can train the model using the full data instead of splitting it into train and test data. You can use the same features you used in Part 3, even though the dataset we provide you in this part may have a few additional columns (so you can just ignore those until we use them explicitly).

#### 4.1 To start, for each of the models, obtain the predicted labels `y_pred`, and plot the false positive and false negative rates by different genders and races. You may want to use [grouped bar chart](https://matplotlib.org/stable/gallery/lines_bars_and_markers/barchart.html). Describe any patterns you see.

#### 4.2 One proposed fairness definition is **disparate impact**. Disparate impact is defined as the ratio ``Pr[Y_pred = 1 | A = 1] / Pr[Y_pred = 1 | A = 0]``. If this ratio is less than some threshold ``tau``, it is considered to have disparate impact. In this definition A = 1 when the person belongs to the group we're worried about being discriminated against and A = 0 when the person belongs to any other groups.

#### Evaluate the two models using this measurement by looking at different groups in gender and race. Explain the results you see and interpret them in the context of the metric. Can you identify any particular groups that the models seem to disproportionately give positive predictions to? How would it affect the model's fairness? Give a brief answer.

#### 4.3 Another proposed fairness definition is **equalized odds**. For binary classifiers, this requires that `Pr[Y_pred = 1 | A = 0, Y = a] = Pr[Y_pred = 1 | A = 1, Y = a]` for a in {0, 1}. 

#### For each model, obtain the values from both sides of the equation with A corresponding to gender. Are they equal (for Y = 0 or Y = 1)? If not, What are the differences? Perform the same calculations with A corresponding to Black/Non-black races. What do these numbers say about the two models you have?

#### 4.4 The column ``predictions`` in the dataset we distribute in this Part 4 contains predictions from a black-box model we have constructed. Examine the predictions in light of gender and Black/Non-black races. Do they seem fair by the two fairness metrics you've seen in 4.2 and 4.3?

#### 4.5 "Intersectionality" is a term coined by Kimberlé Crenshaw used to refer to the phenomena in anti-discrimination law where plaintiffs who brought cases alleging discrimination on two bases (e.g., sex and race) would lose cases because the sex-based discrimination claims and the race-based discrimination claims would be evaluated separately, rather than considering the intersection between different demographic categories. For example, black women alleging discrimination in a seniority system were denied relief because the seniority system did not disadvantage black employees (compared to all non-black employees) when ignoring gender. It also did not disadvantage women (compared to all non-women) when ignoring race. However, the seniority system **did** discriminate against the intersectional category of black women (compared to all data subjects who were not black women). 

#### Analyze the accuracy of the two models through this intersectionality lens. Since the number of comparisons to make grows fast with the number of intersectional groupings, please choose two intersectional groupings you consider to be of particular importance and evaluate the two models with respect to those groupings. What do you conclude? Give a brief response.

# Part 5: Differential Privacy

## Problem 5.0 - K-anonymity

[K-anonymity](https://en.wikipedia.org/wiki/K-anonymity) is a privacy concept - a dataset satisfies k-anonymity if every individual appearing in the dataset cannot be distinguished from at least k-1 other individuals in the dataset. K-anonymization can prevent re-identification attack since the attackers cannot identify a single individual out of k records that all share the same [quasi-identifier](https://en.wikipedia.org/wiki/Quasi-identifier) attributes. However, one of the biggest caveat of k-anonymization is that the privacy protection it offers can degrade drastically when dealing with *multiple releases*.

Consider the following two datasets containing patients records from two different hospitals. In both datasets, zipcode, age, nationality are considered non-sensitive quasi-identifiers in this dataset, and condition is a sensitive attribute that should be excluded. The records from hospital A is 4-anonymous and the records from hospital B is 6-anonymous (double check this is the case).

In [None]:
import pandas as pd

df1 = pd.read_csv("data/Part5/hospital_A.csv")
df1

Unnamed: 0,zipcode,age,nationality,condition
0,606**,< 30,*,COVID
1,606**,< 30,*,Heart Disease
2,606**,< 30,*,Viral Infection
3,606**,< 30,*,Viral Infection
4,606**,>= 40,*,Cancer
5,606**,>= 40,*,Heart Disease
6,606**,>= 40,*,Viral Infection
7,606**,>= 40,*,Viral Infection
8,606**,3*,*,Cancer
9,606**,3*,*,Cancer


In [None]:
df2 = pd.read_csv("data/Part5/hospital_B.csv")
df2

Unnamed: 0,zipcode,age,nationality,condition
0,606**,< 35,*,COVID
1,606**,< 35,*,Tuberculosis
2,606**,< 35,*,Flu
3,606**,< 35,*,Tuberculosis
4,606**,< 35,*,Cancer
5,606**,< 35,*,Cancer
6,606**,>= 35,*,Cancer
7,606**,>= 35,*,Cancer
8,606**,>= 35,*,Cancer
9,606**,>= 35,*,Tuberculosis


#### 5.0.1 If Alice visited both hospitals, and she is 28, can you deduce Alice’s medical condition from the combination of the two datasets? Does the combined dataset still satisfy k-anonymity?

## Problem 5.1 - Randomized Response

Differential privacy is a mathematical criterion for quantifying and preserving privacy during data analysis. In this assignment you will be asked to build up an implementation of certain analyses that achieve (epsilon, delta) differential privacy.

#### 5.1.1 The origin of differential privacy is in **randomized response**. In a randomized response protocol, the person taking a survey is asked to privately flip a coin. If the coin lands on heads, then the person should answer the yes or no question truthfully. If the coin lands on tails, then the person should privately flip the coin again and respond yes if heads and no if tails.

#### Write a program to simulate this process with a population of 1000 people. Run the simulation 100 times where the percentage of people for whom the *true* answer to the survey question is yes is 1%, 10%, 25% and 50%. For example, if the percentage is 1%, then there should be 10 people whose true answer is yes. You can use methods such as [numpy.random.choice](https://numpy.org/doc/stable/reference/random/generated/numpy.random.choice.html) to generate the actual answers based on the coin flips (for this question consider the coin to be fair with probability of 0.5 of flipping heads or tails). We provide you with some skeleton code to help you get started.

#### For each percentage, plot a histogram with the x-axis being the proportion of yes responses and y-axis being the number of runs. Also compute the expected probability of answering yes for each percentage. What do you notice about the distribution in relation to the probability you just computed? Write a few sentences describing what you see.

In [None]:
def simulate(percentage, n_pop=1000, coin_prob=0.5): # assign default values to some parameters
    # fill in your code here
    # returns the proportion of yes responses out of n_pop (ie. num of yes responses / 1000)
    return 

# a list containing the simulation result for each percentage
simulations = []

# iterate over different percentages
for percentage in [0.01, 0.1, 0.25, 0.5]:
    # simulate result for the current percentage
    simulation = []
    # simulate 100 times
    for _ in range(100):
        # run the simulate function and add the result to list
        proportion = simulate(percentage)
        simulation.append(proportion)
    # add the simulation result to the simulations list
    simulations.append(simulation)

In [None]:
# plot histograms using results from the simulations list

#### 5.1.2 In the randomized response, the coin flip was parameterized at 1/2 probability of answering truthfully. Try biasing the coin so that the probability of deciding to *not* answer truthfully is 0, 1/8, 1/4 and 1/2. Run the simulation again this time choosing the percentage of true yes answers equal to 1/4, and make histograms similar to the ones made in 5.1.1. Note that the probability of responding yes given a decision to produce a fake answer (when the first coin lands on tail) should still be 1/2. You should reuse the `simulate` function in 5.1.1 (notice the function parameters include everything you need to vary!)

#### Do you notice any pattern in the histograms? Specifically, as the coin probability decreases from 1/2 to 0, how does the distribution change?

#### Calculate the standard deviation of each simulation's distribution (of the proportion of yes responses). How does the standard deviation change?

## Problem 5.2 - Laplace Mechanism

Differential privacy is a definition, rather than a technique. The randomized response you saw in question 1 is an example of a technique that satisfies (*ln* 3, 0) differential privacy. Another common method for achieving  differential privacy is the Laplace mechanism. 

The Laplace mechanism is a method for achieving differential privacy. While randomized response is distributed, in that the data aggregator finds out about only the noisy data, the Laplace mechanism is centralized. The Laplace mechanism is meant for a scenario in which a data aggregator already has the "true" data, but wants to release the results of queries without violating the privacy of whose data it controls. It does this by adding random noise to the output of these queries. The noise in this case is sampled from the [*Laplace distribution*](https://en.wikipedia.org/wiki/Laplace_distribution), hence the name.

The key to the Laplace mechanism is the way that it chooses the scale of the distribution the noise is sampled from. The scale of the distribution is the "spread", how large the standard deviation is, how large and how likely you are to see significant outliers. A scale that is larger means that on average there will be more noise, and more privacy, whereas a scale that is closer to 0 will be closer to the original value and therefore less private. In the Laplace mechanism, the scale is set as the sensitivity of the query over epsilon. Recall that smaller epsilon -> more privacy, larger epsilon -> less privacy.

What is the sensitivity of a query? For our purposes, we can just think of a query as a function that takes data and produces a numerical answer. The sensitivity of the query is the maximum amount that the query can differ if you give it data that is modified in a single entry. For example, let's say we want to count the number of entries in a vector that are greater than 12.6. 

In [None]:
def query(array): # our query
    return sum(array > 12.6)

Then think about two hypothetical databases (which we can think of right now as just vectors). These databases (vectors) are *neighbors* meaning that they differ in exactly one entry. *x* and *y* in the cell below are examples of one such set of neighboring databases.

In [None]:
import numpy as np
x = np.array([0, 15, 26, 35, -10, 12])
y = np.array([12.7, 15, 26, 35, -10, 12]) 

The difference in answers between running the query on *x* and *y* is 1. A hypothetical attacker could use information like this (or more realistically a series of slightly different queries) to recover information about people in the database.

In [None]:
abs(query(x) - query(y))

1

Crucially, the most that the output of this query could be altered given any database *z* is by taking an entry of *z* that is above 12.6 to be below 12.6, or taking an entry below 12.6 to be above 12.6. In either case, this would only change the output of the query by at most 1, so the sensitivity of this query is 1. Therefore, the Laplace mechanism would add to the output of this query a value drawn from a Laplace distribution with scale `1/eps`.

#### 5.2.1 Now, suppose we have a counting query that counts the number of people answering yes to the survey as in problem 5.1 (but without the random response, so it's simply the number of truthful yes answers). What is the sensitivity of this query? Implement the Laplace mechanism for this query with your specified sensitivity, by adding noise drawm from the Laplace distribution to the output count. Like you did in problem 5.1, construct a population with percentage of true yes answers equals 1/4, and run the simulation (100 runs each) for epsilon values 10, 1, 0.1 and 0.01. You can generate Laplacian noise through the [``laplace.rvs``](https://docs.scipy.org/doc/scipy/reference/generated/scipy.stats.laplace.html) function.

#### Plot the distribution of laplace count for each of the four epsilon values using a [boxplot](https://matplotlib.org/stable/api/_as_gen/matplotlib.pyplot.boxplot.html).

In [None]:
def laplace_count(arr, epsilon): 
    # fill in your code here
    # Given a list of survey responses and an epsilon value, return the noisy count of yes responses
    return

# construct the arr list, run simulations by calling laplace_count 100 times for each epsilon (remember what you did in 5.1?)

In [None]:
# plot

#### 5.2.2 Examine the graph you just made. What do you notice about the distribution of answers as epsilon decreases? What happens when epsilon is quite small (e.g. less than 0.01?) Does this pose any problems?

#### 5.2.3 Compute the average laplace count (over 100 runs) for each epsilon. How much do they differ from the true count of the population? What is the standard deviation for each epsilon? What does this suggest about repeated queries under the differential privacy framework? How can a data curator/aggregator defend against repeated queries?

#### 5.2.4 Counting is useful, but sometimes we also need answers to other questions like mean and median. Implement the Laplace mechanism for computing the mean of a *real valued array*. For this you will need to derive the sensitivity of the mean. That is, how much a query may vary given a difference of one entry. To do this, you will need to add as a parameter the allowable range of the list -- the maximum and minimum values that are allowable. 

#### You should think carefully about how to handle data that is out of the specified range. Specifically, if you drop data outside of the range, how would that affect the sensitivity analysis? Could this inadvertently reveal information meant to remain private? Is there a better way to handle data that avoids these problems?

In [None]:
def laplace_mean(arr, epsilon, min_val, max_val):
    # fill in your code here
    # arr is a list of real values
    return

##### 5.2.4(a) Using the data in the income data set (`income.csv`), plot the average difference between the true mean and the differentially private mean over 100 runs for feasible points in the grid formed by minimum and maximum age, using epsilon = 0.1. We'll do the plotting for you this time but you need to fill in the required code for computing the average difference.

In [None]:
import pandas as pd
df = pd.read_csv("data/Part5/income.csv")
age = df["age"]

ages = [17, 20, 30, 40, 50, 60, 70, 80, 90]
grid = [(x, y) for x in ages for y in ages]
feas_grid = [pt for pt in grid if pt[0] < pt[1]]

indexer = {ages[i] : i for i in range(len(ages))}

data = np.full((len(ages), len(ages)), None, dtype = float)

for pt in feas_grid:
    #  You should pass minimum age and manixum age when calling laplace_mean function
    min_age, max_age = pt

    i = indexer[min_age]
    j = indexer[max_age]

    # fill in the code here and assign data[i, j]
    # data[i, j] sould be the average difference between the true mean and the differentially private mean over 100 runs

    data[i, j] = 

In [None]:
from matplotlib import pyplot as plt

fig, ax = plt.subplots()

im = ax.imshow(data, extent=[17,90,90,17])
fig.colorbar(im)
plt.show()

##### 5.2.4(b) Look at magnitude and direction of the error in the plot. What does this suggest about choosing reasonable cutoffs when handling differentially private data? How might one go about minimizing this sort of error? To interpret the graph it may be useful to also plot a histogram of ages in the dataset. 