Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-226 (Initial Public Draft)

Guidelines for Evaluating Differential Privacy Guarantees

Date Published: December 11, 2023
Comments Due: January 25, 2024 (public comment period is CLOSED)
Email Questions to:


Joseph Near (University of Vermont), David Darais (Galois)


Naomi Lefkovitz (NIST), Gary Howarth (NIST)


This publication is about differential privacy, a privacy-enhancing technology that quantifies privacy risk to individuals when their information appears in a dataset. In response to President Biden’s Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence, SP 800-226 is intended to help agencies and practitioners of all backgrounds—policy makers, business owners, product managers, IT technicians, software engineers, data scientists, researchers, and academics—better understand how to evaluate promises made (and not made) when deploying differential privacy, including for privacy-preserving machine learning. Additionally, there is a supplemental package of Python Jupyter notebooks that illustrate how to achieve differential privacy and other concepts described in the publication.

Submit comments by 11:59 p.m. EST on Thursday, January 25, 2024 to We encourage you to use this comment template.

Note to Reviewers

The authors welcome feedback on all aspects of this publication, particularly on the following questions:

  • Does this publication have a clear and appropriate scope?
  • Is this publication understandable for the intended audience?
  • Does publication provide a conceptual framework for understanding the uses and pitfalls of differential privacy? Is there any guidance that is not well-founded?
  • Is the differential privacy pyramid a helpful conceptual device?
  • Are the privacy hazards described accurately? Should additional hazards be added?
  • For topics where the research is inconclusive, were any key points missed from the literature?

NOTE: A call for patent claims is included on page ii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy Inclusion of Patents in ITL Publications.



anonymization; data analytics; data privacy; de-identification; differential privacy; privacy; privacy-enhancing technologies
Control Families

None selected


Download URL

Supplemental Material:
Python Jupyter notebooks
Comment template (xlsx)

Document History:
12/11/23: SP 800-226 (Draft)


Security and Privacy

analytics, privacy



Laws and Regulations

Executive Order 14110