InterviewStack.io LogoInterviewStack.io

Privacy-Preserving Experiment Design Questions

Techniques and considerations for designing experiments and data collection strategies that protect privacy. Covers methods such as differential privacy, secure aggregation, federated learning, synthetic data, data minimization, consent management, de-identification, and privacy risk assessment, with emphasis on maintaining data utility and regulatory compliance while enabling robust experimentation.

HardSystem Design
61 practiced
Design a production system for private inference where clients submit encrypted inputs and receive model outputs without the server learning inputs or leaking model parameters. Compare homomorphic encryption (HE), secure multi-party computation (MPC), and trusted execution environments (TEE) in terms of latency, throughput, supported model classes, and deployment complexity. Recommend approach(es) for low-latency web services vs batch processing.
MediumSystem Design
59 practiced
Design a privacy budget management system for a company where multiple product teams run experiments on shared user populations. System must enforce per-user epsilon per rolling window, allow teams to request and reserve budgets, provide immutable audit logs, and prevent accidental overspend. Describe APIs, enforcement mechanisms, user-facing controls, and conflict resolution policies between competing experiments.
HardTechnical
79 practiced
Derive how much to increase sample size in an A/B test when Gaussian noise with variance sigma_squared is added to the outcome metric to achieve the same statistical power (1-beta) and significance level (alpha) as a non-private test. Provide a derivation for a continuous outcome with known variance and show the closed-form relationship between original sample size and inflated sample size required under DP noise.
MediumTechnical
73 practiced
Create a threat model for an experimentation pipeline that covers ingestion, storage, feature engineering, model training, and analytics. Identify likely threat actors (insider, external attacker, malicious analyst), attack vectors (exfiltration, linkage, poisoning), assets at risk, and prioritized mitigations (access controls, encryption, DP, monitoring). Explain how to produce a prioritized mitigation roadmap for engineers and product managers.
MediumTechnical
70 practiced
Explain the Bonawitz et al. secure aggregation protocol at the level of key setup, masking contributions, verifying shares, aggregation, and unmasking. Discuss implementation challenges including pairwise key management, handling client failures, bandwidth and CPU constraints on client devices, and suggestions to optimize for mobile clients with intermittent connectivity.

Unlock Full Question Bank

Get access to hundreds of Privacy-Preserving Experiment Design interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.