ML Privacy Meter: Aiding Regulatory Compliance by Quantifying the Privacy Risks of Machine Learning

TL;DR

This paper introduces ML Privacy Meter, a tool that quantifies privacy risks in machine learning models by measuring potential data leakage, aiding organizations in regulatory compliance and data protection efforts.

Contribution

The paper presents a novel tool that applies state-of-the-art membership inference attacks to quantify privacy risks in machine learning models, supporting GDPR and similar regulations.

Findings

Effective in estimating privacy leakage from models

Helps organizations perform Data Protection Impact Assessments

Supports compliance with GDPR and other regulations

Abstract

When building machine learning models using sensitive data, organizations should ensure that the data processed in such systems is adequately protected. For projects involving machine learning on personal data, Article 35 of the GDPR mandates it to perform a Data Protection Impact Assessment (DPIA). In addition to the threats of illegitimate access to data through security breaches, machine learning models pose an additional privacy risk to the data by indirectly revealing about it through the model predictions and parameters. Guidances released by the Information Commissioner's Office (UK) and the National Institute of Standards and Technology (US) emphasize on the threat to data from models and recommend organizations to account for and estimate these risks to comply with data protection regulations. Hence, there is an immediate need for a tool that can quantify the privacy risk to data from models. In this paper, we focus on this indirect leakage about training data from machine learning models. We present ML Privacy Meter, a tool that can quantify the privacy risk to data from models through state of the art membership inference attack techniques. We discuss how this tool can help practitioners in compliance with data protection regulations, when deploying machine learning models.