Learning Anonymized Representations with Adversarial Neural Networks
This addresses privacy concerns for individuals and organizations by enabling data anonymization in machine learning, though it is incremental as it builds on existing representation learning and adversarial methods.
The paper tackles the problem of learning anonymized representations that preserve information about target labels while preventing prediction of private labels, using a novel training objective based on information theoretical bounds. It demonstrates success on handwritten digits and sentiment analysis tasks, achieving anonymization with minimal loss in target prediction accuracy.
Statistical methods protecting sensitive information or the identity of the data owner have become critical to ensure privacy of individuals as well as of organizations. This paper investigates anonymization methods based on representation learning and deep neural networks, and motivated by novel information theoretical bounds. We introduce a novel training objective for simultaneously training a predictor over target variables of interest (the regular labels) while preventing an intermediate representation to be predictive of the private labels. The architecture is based on three sub-networks: one going from input to representation, one from representation to predicted regular labels, and one from representation to predicted private labels. The training procedure aims at learning representations that preserve the relevant part of the information (about regular labels) while dismissing information about the private labels which correspond to the identity of a person. We demonstrate the success of this approach for two distinct classification versus anonymization tasks (handwritten digits and sentiment analysis).