Report on Current Developments in Privacy-Preserving Machine Learning
General Direction of the Field
The field of privacy-preserving machine learning (PML) is witnessing significant advancements, particularly in the areas of differential privacy (DP) and federated learning (FL). Recent developments are focused on enhancing the privacy-utility tradeoff, mitigating noise detriment, and optimizing the efficiency of DP mechanisms. The general direction is towards more practical and scalable solutions that can be integrated into real-world applications without compromising on privacy guarantees.
Mitigation of Noise Detriment in DPFL: There is a growing emphasis on using model pre-training to mitigate noise detriment in differentially private federated learning (DPFL). Pre-training on public datasets followed by fine-tuning on private datasets has been shown to significantly reduce the impact of DP noise, thereby improving model accuracy. This approach is particularly effective in scenarios with tight privacy budgets or large model sizes.
Optimal Rates in DP Stochastic Optimization: Advances in DP stochastic optimization with heavy-tailed data are pushing towards optimal rates. Novel algorithms and clipping approaches are being developed to achieve these rates, which are crucial for practical applications where data distributions are not always well-behaved.
Privacy Technologies for Financial Intelligence: The integration of privacy technologies with financial intelligence is gaining traction. There is a focus on developing privacy-preserving data matching and machine learning techniques to detect complex financial crimes, leveraging recent advancements in privacy-preserving technologies.
Group Privacy in Subsampled Mechanisms: Research is advancing in calibrating noise for group privacy in subsampled mechanisms. New analysis frameworks are being proposed to provide tighter privacy accounting, especially for mechanisms involving subsampling, leading to improved utility in published results.
Enhancing Privacy-Utility Tradeoff: There is a concerted effort to enhance the privacy-utility tradeoff in various DP mechanisms. Techniques such as low-pass filtering in DP optimizers and novel privacy measures are being explored to achieve better utility without compromising privacy guarantees.
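The low-pass filtering idea above, as an added sketch that is not code from DOPPLER or any cited paper: a clipped, Gaussian-noised gradient is smoothed with a generic first-order filter, which is post-processing and so spends no extra privacy budget. The filter form, the constant "true" gradient and all parameter values are constructed assumptions chosen for illustration.

```python
import math
import random

def clip(g, c):
    """Scale a per-example gradient so its L2 norm is at most c."""
    n = math.sqrt(sum(x * x for x in g))
    scale = min(1.0, c / n) if n > 0 else 1.0
    return [x * scale for x in g]

def private_gradient(per_example, c, sigma, rng):
    """Gaussian mechanism: clip each example, sum, add noise, average."""
    d = len(per_example[0])
    total = [0.0] * d
    for g in per_example:
        for i, x in enumerate(clip(g, c)):
            total[i] += x
    # Sensitivity of the clipped sum is c, so the noise std is sigma * c.
    return [(t + rng.gauss(0.0, sigma * c)) / len(per_example) for t in total]

def low_pass(prev, noisy, alpha):
    """First-order filter (assumed form); consumes only privatized values."""
    return [(1 - alpha) * p + alpha * n for p, n in zip(prev, noisy)]

def run(steps=400, batch=32, c=1.0, sigma=4.0, alpha=0.1, seed=7):
    """Return mean squared error of raw vs. filtered private gradients."""
    rng = random.Random(seed)
    true_g = [0.5, -0.3]  # constructed: slowly varying gradient signal
    filt = [0.0, 0.0]
    err_raw = err_filt = 0.0
    warmup = 100  # let the filter converge before measuring
    for t in range(steps):
        per_example = [[x + rng.gauss(0, 0.1) for x in true_g] for _ in range(batch)]
        noisy = private_gradient(per_example, c, sigma, rng)
        filt = low_pass(filt, noisy, alpha)
        if t >= warmup:
            err_raw += sum((a - b) ** 2 for a, b in zip(noisy, true_g))
            err_filt += sum((a - b) ** 2 for a, b in zip(filt, true_g))
    n = steps - warmup
    return err_raw / n, err_filt / n

if __name__ == "__main__":
    raw, filtered = run()
    print(f"raw MSE={raw:.5f} filtered MSE={filtered:.5f}")
```

The gain depends on the gradient signal changing slowly relative to the injected noise; a small `alpha` on a fast-moving gradient trades noise for lag.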
Noteworthy Papers
- Mitigating Noise Detriment in Differentially Private Federated Learning with Model Pre-training: This paper pioneers the use of model pre-training to mitigate noise detriment in DPFL, significantly enhancing model accuracy and privacy-utility tradeoff.
- Differential Private Stochastic Optimization with Heavy-tailed Data: Towards Optimal Rates: Achieving optimal rates in DP optimization with heavy-tailed data is a significant advancement, improving the robustness and applicability of DP mechanisms.
- DOPPLER: Differentially Private Optimizers with Low-pass Filter for Privacy Noise Reduction: The introduction of low-pass filtering in DP optimizers is a novel approach to reduce noise impact, enhancing model performance while maintaining privacy guarantees.
These developments underscore the field's commitment to advancing privacy-preserving machine learning techniques that are both theoretically sound and practically applicable.