From Principle to Practice: Vertical Data Minimization for Machine Learning.
CoRR(2023)
摘要
Aiming to train and deploy predictive models, organizations collect large
amounts of detailed client data, risking the exposure of private information in
the event of a breach. To mitigate this, policymakers increasingly demand
compliance with the data minimization (DM) principle, restricting data
collection to only that data which is relevant and necessary for the task.
Despite regulatory pressure, the problem of deploying machine learning models
that obey DM has so far received little attention. In this work, we address
this challenge in a comprehensive manner. We propose a novel vertical DM (vDM)
workflow based on data generalization, which by design ensures that no
full-resolution client data is collected during training and deployment of
models, benefiting client privacy by reducing the attack surface in case of a
breach. We formalize and study the corresponding problem of finding
generalizations that both maximize data utility and minimize empirical privacy
risk, which we quantify by introducing a diverse set of policy-aligned
adversarial scenarios. Finally, we propose a range of baseline vDM algorithms,
as well as Privacy-aware Tree (PAT), an especially effective vDM algorithm that
outperforms all baselines across several settings. We plan to release our code
as a publicly available library, helping advance the standardization of DM for
machine learning. Overall, we believe our work can help lay the foundation for
further exploration and adoption of DM principles in real-world applications.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要