Cargando…
Algorithms that remember: model inversion attacks and data protection law
Many individuals are concerned about the governance of machine learning systems and the prevention of algorithmic harms. The EU's recent General Data Protection Regulation (GDPR) has been seen as a core tool for achieving better governance of this area. While the GDPR does apply to the use of m...
| Autores principales: | , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
The Royal Society Publishing
2018
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6191664/ https://www.ncbi.nlm.nih.gov/pubmed/30322998 http://dx.doi.org/10.1098/rsta.2018.0083 |
| _version_ | 1783363757881163776 |
|---|---|
| author | Veale, Michael Binns, Reuben Edwards, Lilian |
| author_facet | Veale, Michael Binns, Reuben Edwards, Lilian |
| author_sort | Veale, Michael |
| collection | PubMed |
| description | Many individuals are concerned about the governance of machine learning systems and the prevention of algorithmic harms. The EU's recent General Data Protection Regulation (GDPR) has been seen as a core tool for achieving better governance of this area. While the GDPR does apply to the use of models in some limited situations, most of its provisions relate to the governance of personal data, while models have traditionally been seen as intellectual property. We present recent work from the information security literature around ‘model inversion’ and ‘membership inference’ attacks, which indicates that the process of turning training data into machine-learned systems is not one way, and demonstrate how this could lead some models to be legally classified as personal data. Taking this as a probing experiment, we explore the different rights and obligations this would trigger and their utility, and posit future directions for algorithmic governance and regulation. This article is part of the theme issue ‘Governing artificial intelligence: ethical, legal, and technical opportunities and challenges’. |
| format | Online Article Text |
| id | pubmed-6191664 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2018 |
| publisher | The Royal Society Publishing |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-61916642018-10-20 Algorithms that remember: model inversion attacks and data protection law Veale, Michael Binns, Reuben Edwards, Lilian Philos Trans A Math Phys Eng Sci Articles Many individuals are concerned about the governance of machine learning systems and the prevention of algorithmic harms. The EU's recent General Data Protection Regulation (GDPR) has been seen as a core tool for achieving better governance of this area. While the GDPR does apply to the use of models in some limited situations, most of its provisions relate to the governance of personal data, while models have traditionally been seen as intellectual property. We present recent work from the information security literature around ‘model inversion’ and ‘membership inference’ attacks, which indicates that the process of turning training data into machine-learned systems is not one way, and demonstrate how this could lead some models to be legally classified as personal data. Taking this as a probing experiment, we explore the different rights and obligations this would trigger and their utility, and posit future directions for algorithmic governance and regulation. This article is part of the theme issue ‘Governing artificial intelligence: ethical, legal, and technical opportunities and challenges’. The Royal Society Publishing 2018-11-28 2018-10-15 /pmc/articles/PMC6191664/ /pubmed/30322998 http://dx.doi.org/10.1098/rsta.2018.0083 Text en © 2018 The Authors. http://creativecommons.org/licenses/by/4.0/ Published by the Royal Society under the terms of the Creative Commons Attribution License http://creativecommons.org/licenses/by/4.0/, which permits unrestricted use, provided the original author and source are credited. |
| spellingShingle | Articles Veale, Michael Binns, Reuben Edwards, Lilian Algorithms that remember: model inversion attacks and data protection law |
| title | Algorithms that remember: model inversion attacks and data protection law |
| title_full | Algorithms that remember: model inversion attacks and data protection law |
| title_fullStr | Algorithms that remember: model inversion attacks and data protection law |
| title_full_unstemmed | Algorithms that remember: model inversion attacks and data protection law |
| title_short | Algorithms that remember: model inversion attacks and data protection law |
| title_sort | algorithms that remember: model inversion attacks and data protection law |
| topic | Articles |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6191664/ https://www.ncbi.nlm.nih.gov/pubmed/30322998 http://dx.doi.org/10.1098/rsta.2018.0083 |
| work_keys_str_mv | AT vealemichael algorithmsthatremembermodelinversionattacksanddataprotectionlaw AT binnsreuben algorithmsthatremembermodelinversionattacksanddataprotectionlaw AT edwardslilian algorithmsthatremembermodelinversionattacksanddataprotectionlaw |