1. Succinctly explain how Google's secure aggregation protocol improves the privacy of individual users' data? 

2. Let's compare the leakage of this protocol with that of secure multi-party computation. Assume all n users and the aggregator (Google) run an MPC protocol (among n+1 parties) whose ideal functionality is that Google sees only the final model and the users learn nothing. Assume that all parties are semi-honest. Describe in one sentence the information leaked by the federated learning protocol that is not leaked by the MPC.

3. Name one reason Google chose to use this somewhat leaky secure aggregation protocol over a fully-private MPC protocol.