The article explores the reconciliation of privacy and accuracy in AI for medical imaging, focusing on the use of differential privacy (DP) to protect sensitive training data. DP is highlighted as a robust method to bound the risks of inferring training samples or reconstructing original data, but it comes at the cost of reduced model performance. The study contrasts the performance of AI models at various privacy budgets against theoretical risk bounds and empirical reconstruction attacks. Key findings include: 1. **Performance Trade-offs**: Lower privacy budgets significantly impact model performance, especially on small or complex datasets. 2. **Large Privacy Budgets**: Very large privacy budgets (ε = 10^9) can render reconstruction attacks impossible while maintaining negligible performance drops, suggesting that using DP is negligent when handling sensitive data. 3. **Realistic Threat Models**: The study uses more realistic threat models that still allow strong privacy protection but are less pessimistic than worst-case assumptions, showing that real-world data reconstruction risks can be mitigated without significant performance trade-offs. 4. **Empirical Protection**: Even with very large privacy budgets, empirical protection against reconstruction attacks is effective, indicating that a 'pinch of privacy' can significantly improve practical scenarios. 5. **Future Directions**: The study calls for further research to analyze various threat models beyond the worst case, emphasizing the need for broader discussions among ethicists, policymakers, and stakeholders to balance privacy and performance in AI applications. The article concludes that DP should be used by default in AI models trained on sensitive data, providing a foundation for further debates on striking a balance between privacy risks and model performance.The article explores the reconciliation of privacy and accuracy in AI for medical imaging, focusing on the use of differential privacy (DP) to protect sensitive training data. DP is highlighted as a robust method to bound the risks of inferring training samples or reconstructing original data, but it comes at the cost of reduced model performance. The study contrasts the performance of AI models at various privacy budgets against theoretical risk bounds and empirical reconstruction attacks. Key findings include: 1. **Performance Trade-offs**: Lower privacy budgets significantly impact model performance, especially on small or complex datasets. 2. **Large Privacy Budgets**: Very large privacy budgets (ε = 10^9) can render reconstruction attacks impossible while maintaining negligible performance drops, suggesting that using DP is negligent when handling sensitive data. 3. **Realistic Threat Models**: The study uses more realistic threat models that still allow strong privacy protection but are less pessimistic than worst-case assumptions, showing that real-world data reconstruction risks can be mitigated without significant performance trade-offs. 4. **Empirical Protection**: Even with very large privacy budgets, empirical protection against reconstruction attacks is effective, indicating that a 'pinch of privacy' can significantly improve practical scenarios. 5. **Future Directions**: The study calls for further research to analyze various threat models beyond the worst case, emphasizing the need for broader discussions among ethicists, policymakers, and stakeholders to balance privacy and performance in AI applications. The article concludes that DP should be used by default in AI models trained on sensitive data, providing a foundation for further debates on striking a balance between privacy risks and model performance.