Machine Learning – How Can Privacy be Protected?

Machine Learning – How Can Privacy be Protected?

As a brief description, machine learning is a subset of artificial intelligence (‘AI’) which learns like a human does; through practice and repetition. As the computer completes a task, it improves its decision-making capacity and ‘learns’ the more tasks it completes. The more data and tasks the machine is provided, the better it can accurately make predictions and decisions. However, these datasets can often include sensitive information about people, raising risks of privacy violation.

Privacy-preserving machine learning (PPML) aims to protect the privacy of data or models used in machine learning, at training or evaluation time and during deployment. PPML involves powerful techniques which can support trust in the industry. Broadly, the report outlined brief summaries of several techniques.

One of the proposed techniques discussed in the report is Federated Learning. This is a technique where clients collaborate to train a model under a central server whilst keeping the data decentralised. All raw data is stored locally and not exchanged or transferred. This addresses privacy concerns around the centralised collection of raw data by ensuring that data is kept where it was created. Unfortunately, federated learning alone does not guarantee the privacy of sensitive data, as some data could be memorised during usage. Other techniques, such as Differential Privacy and Encrypted Computation are outlined in the report. A combination of techniques may be required in some contexts to protect data.

Whilst machine learning itself can help to stop security breaches with threat analytics, it still poses a threat to privacy itself. Overall, institutions sharing developments of privacy-protecting AI is the greatest recommendation found within the literature, including the report. In order to continue the innovation of AI and ensure the trustworthiness of machine learning, information-sharing is vital. In line with this, the next post will address the divide between industry and academia and how bridging this gap will assist the development of AI.