Privacy risks: From anonymization to machine learning
Image credit: UnsplashAbstract
Mining sensitive data such as health data can lead to faster medical decisions, improvement in the quality of treatment, disease prevention and innovative solutions. However, health data is highly sensitive and subject to regulations such as the General Data Protection Regulation (GDPR), which aims to ensure patient’s privacy. Anonymization or removal of patient identifiable information, though the most conventional way, is the first important step to adhere to the regulations and incorporate privacy concerns. Nonetheless, anonymization alone is not sufficient. In this first part of the talk, we will see a reconstruction attack on anonymized data that can retrieve the original private data with a high accuracy. Similarly, when machine learning models are trained on sensitive data, the released model can still leak information on the data it was trained on. In the second part of the talk, we will discuss membership inference attack on graph neural networks (GNNs) where the goal of the adversary is to determine whether a particular data was used in training the target model.
Olatunji Iyiola Emmanuel (李白)
Postdoctoral Researcher
Emmanuel’s interest is in the privacy of ML models, interpretability and fairness