Exploiting Fairness to Enhance Sensitive Attributes Reconstruction

TL;DR

This paper shows how fairness constraints in machine learning models can be exploited by adversaries to better reconstruct sensitive attributes, proposing a generic correction method that improves reconstruction accuracy.

Contribution

It introduces a model-agnostic reconstruction correction method that leverages fairness information to enhance sensitive attribute recovery from black-box models.

Findings

The method improves sensitive attribute reconstruction across multiple fairness metrics.

Experimental results confirm the approach's effectiveness on various datasets.

The approach is applicable to different fair learning methods and models.

Abstract

In recent years, a growing body of work has emerged on how to learn machine learning models under fairness constraints, often expressed with respect to some sensitive attributes. In this work, we consider the setting in which an adversary has black-box access to a target model and show that information about this model's fairness can be exploited by the adversary to enhance his reconstruction of the sensitive attributes of the training data. More precisely, we propose a generic reconstruction correction method, which takes as input an initial guess made by the adversary and corrects it to comply with some user-defined constraints (such as the fairness information) while minimizing the changes in the adversary's guess. The proposed method is agnostic to the type of target model, the fairness-aware learning method as well as the auxiliary knowledge of the adversary. To assess the applicability of our approach, we have conducted a thorough experimental evaluation on two state-of-the-art fair learning methods, using four different fairness metrics with a wide range of tolerances and with three datasets of diverse sizes and sensitive attributes. The experimental results demonstrate the effectiveness of the proposed approach to improve the reconstruction of the sensitive attributes of the training set.