Question 8

A. Differential privacy

Differential privacy is the standard mechanism for publishing aggregate statistics while bounding the incremental information any single record contributes, so repeated releases do not let an analyst infer whether a rare scooter trip occurred. In formal terms, it satisfies the b5-differential privacy guarantee, where the output distribution changes only by a factor of e^b5 when one individual's data is added or removed, which is exactly the protection needed against singling out over time.