TR2018-062

Privacy-Preserving Adversarial Networks


    •  Tripathy, A., Wang, Y., Ishwar, P., "Privacy-Preserving Adversarial Networks", arXiv, July 10, 2018.
      BibTeX Download PDF
      • @techreport{MERL_TR2018-062,
      • author = {Wang, Y. and Koike-Akino, T. and Erdogmus, D.},
      • title = {Privacy-Preserving Adversarial Networks},
      • institution = {MERL - Mitsubishi Electric Research Laboratories},
      • address = {Cambridge, MA 02139},
      • number = {TR2018-062},
      • month = jul,
      • year = 2018,
      • url = {https://www.merl.com/publications/TR2018-062/}
      • }
  • MERL Contacts:
  • Research Areas:

    Artificial Intelligence, Machine Learning, Signal Processing


We propose a data-driven framework for optimizing privacy-preserving data release mechanisms to attain the information-theoretically optimal tradeoff between minimizing distortion of useful data and concealing sensitive information. Our approach employs adversarially-trained neural networks to implement randomized mechanisms and to perform a variational approximation of mutual information privacy. We validate our Privacy-Preserving Adversarial Networks (PPAN) framework via experiments on discrete and continuous synthetic data, as well as the MNIST handwritten digits dataset. For synthetic data, we find that our model-agnostic PPAN approach achieves tradeoff points very close to the optimal tradeoffs that are analytically-derived from model knowledge. In experiments with the MNIST data, we visually demonstrate a learned tradeoff between minimizing the pixel-level distortion versus concealing the written digit.