Privacy-Preserving Adversarial Networks

TL;DR

This paper introduces Privacy-Preserving Adversarial Networks (PPAN), a neural network-based framework that optimizes the balance between data utility and privacy by adversarial training and mutual information approximation.

Contribution

It presents a novel neural network approach for privacy-preserving data release that achieves near-optimal tradeoffs between utility and privacy, validated on synthetic and real datasets.

Findings

Achieves near-optimal privacy-utility tradeoffs on synthetic data.

Demonstrates effective concealment of sensitive information in MNIST images.

Validates the framework's applicability across different data types.

Abstract

We propose a data-driven framework for optimizing privacy-preserving data release mechanisms to attain the information-theoretically optimal tradeoff between minimizing distortion of useful data and concealing specific sensitive information. Our approach employs adversarially-trained neural networks to implement randomized mechanisms and to perform a variational approximation of mutual information privacy. We validate our Privacy-Preserving Adversarial Networks (PPAN) framework via proof-of-concept experiments on discrete and continuous synthetic data, as well as the MNIST handwritten digits dataset. For synthetic data, our model-agnostic PPAN approach achieves tradeoff points very close to the optimal tradeoffs that are analytically-derived from model knowledge. In experiments with the MNIST data, we visually demonstrate a learned tradeoff between minimizing the pixel-level distortion versus concealing the written digit.