TR2017-194

Privacy-Preserving Adversarial Networks


    •  Tripathy, A., Wang, Y., Ishwar, P., "Privacy-Preserving Adversarial Networks," Tech. Rep. TR2017-194, arXiv, December 2017.
      BibTeX Download PDF
      • @techreport{MERL_TR2017-194,
      • author = {Tripathy, A. and Wang, Y. and Ishwar, P.},
      • title = {Privacy-Preserving Adversarial Networks},
      • institution = {MERL - Mitsubishi Electric Research Laboratories},
      • address = {Cambridge, MA 02139},
      • number = {TR2017-194},
      • month = dec,
      • year = 2017,
      • url = {http://www.merl.com/publications/TR2017-194/}
      • }
  • MERL Contact:
  • Research Area:

    Information Security


We propose a data-driven framework for optimizing privacy-preserving data release mechanisms toward the information-theoretically optimal tradeoff between minimizing distortion of useful data and concealing sensitive information. Our approach employs adversarially-trained neural networks to implement randomized mechanisms and to perform a variational approximation of mutual information privacy. We empirically validate our PrivacyPreserving Adversarial Networks (PPAN) framework with experiments conducted on discrete and continuous synthetic data, as well as the MNIST handwritten digits dataset. With the synthetic data, we find that our model-agnostic PPAN approach achieves tradeoff points very close to the optimal tradeoffs that are analyticallyderived from model knowledge. In experiments with the MNIST data, we visually demonstrate a learned tradeoff between minimizing the pixel-level distortion versus concealing the written digit.