Articles producció científica> Enginyeria Informàtica i Matemàtiques

A Critical Review on the Use (and Misuse) of Differential Privacy in Machine Learning

  • Identification data

    Identifier: imarina:9289126
    Authors:
    Blanco-Justicia, AlbertoSanchez, DavidDomingo-Ferrer, JosepMuralidhar, Krishnamurty
    Abstract:
    We review the use of differential privacy (DP) for privacy protection in machine learning (ML). We show that, driven by the aim of preserving the accuracy of the learned models, DP-based ML implementations are so loose that they do not offer the ex ante privacy guarantees of DP. Instead, what they deliver is basically noise addition similar to the traditional (and often criticized) statistical disclosure control approach. Due to the lack of formal privacy guarantees, the actual level of privacy offered must be experimentally assessed ex post , which is done very seldom. In this respect, we present empirical results showing that standard anti-overfitting techniques in ML can achieve a better utility/privacy/efficiency tradeoff than DP.
  • Others:

    Author, as appears in the article.: Blanco-Justicia, Alberto; Sanchez, David; Domingo-Ferrer, Josep; Muralidhar, Krishnamurty
    Department: Enginyeria Informàtica i Matemàtiques
    URV's Author/s: Blanco Justicia, Alberto / Domingo Ferrer, Josep / Sánchez Ruenes, David
    Keywords: Machine learning Federated learning Differential privacy Data utility machine learning federated learning data utility
    Abstract: We review the use of differential privacy (DP) for privacy protection in machine learning (ML). We show that, driven by the aim of preserving the accuracy of the learned models, DP-based ML implementations are so loose that they do not offer the ex ante privacy guarantees of DP. Instead, what they deliver is basically noise addition similar to the traditional (and often criticized) statistical disclosure control approach. Due to the lack of formal privacy guarantees, the actual level of privacy offered must be experimentally assessed ex post , which is done very seldom. In this respect, we present empirical results showing that standard anti-overfitting techniques in ML can achieve a better utility/privacy/efficiency tradeoff than DP.
    Thematic Areas: Theoretical computer science Medicina ii Matemática / probabilidade e estatística Interdisciplinar General computer science Engenharias iv Computer science, theory & methods Computer science (miscellaneous) Computer science (all) Ciência da computação Astronomia / física
    licence for use: https://creativecommons.org/licenses/by/3.0/es/
    Author's mail: alberto.blanco@urv.cat david.sanchez@urv.cat josep.domingo@urv.cat
    Author identifier: 0000-0002-1108-8082 0000-0001-7275-7887 0000-0001-7213-4962
    Record's date: 2024-10-12
    Papper version: info:eu-repo/semantics/acceptedVersion
    Licence document URL: https://repositori.urv.cat/ca/proteccio-de-dades/
    Papper original source: Acm Computing Surveys. 55 (8): 1-16
    APA: Blanco-Justicia, Alberto; Sanchez, David; Domingo-Ferrer, Josep; Muralidhar, Krishnamurty (2023). A Critical Review on the Use (and Misuse) of Differential Privacy in Machine Learning. Acm Computing Surveys, 55(8), 1-16. DOI: 10.1145/3547139
    Entity: Universitat Rovira i Virgili
    Journal publication year: 2023
    Publication Type: Journal Publications
  • Keywords:

    Computer Science (Miscellaneous),Computer Science, Theory & Methods,Theoretical Computer Science
    Machine learning
    Federated learning
    Differential privacy
    Data utility
    machine learning
    federated learning
    data utility
    Theoretical computer science
    Medicina ii
    Matemática / probabilidade e estatística
    Interdisciplinar
    General computer science
    Engenharias iv
    Computer science, theory & methods
    Computer science (miscellaneous)
    Computer science (all)
    Ciência da computação
    Astronomia / física
  • Documents:

  • Cerca a google

    Search to google scholar