Preventing Unauthorized Use of Proprietary Data: Poisoning for Secure Dataset Release
This addresses a security issue for large organizations like social media companies that release data while protecting proprietary models, though it is incremental as it builds on existing poisoning techniques.
The paper tackles the problem of preventing competitors from using publicly released data to train models that replicate proprietary performance, by developing a data poisoning method that minimally modifies the data to disrupt training, achieving success on ImageNet classification and facial recognition tasks.
Large organizations such as social media companies continually release data, for example user images. At the same time, these organizations leverage their massive corpora of released data to train proprietary models that give them an edge over their competitors. These two behaviors can be in conflict as an organization wants to prevent competitors from using their own data to replicate the performance of their proprietary models. We solve this problem by developing a data poisoning method by which publicly released data can be minimally modified to prevent others from train-ing models on it. Moreover, our method can be used in an online fashion so that companies can protect their data in real time as they release it.We demonstrate the success of our approach onImageNet classification and on facial recognition.