TR2018-196

Privacy-Preserving Adversarial Networks


    •  Tripathy, A., Wang, Y., Ishwar, P., "Privacy-Preserving Adversarial Networks", arXiv, March 2019.
      BibTeX Download PDF
      • @techreport{MERL_TR2018-196,
      • author = {Tripathy, A. and Wang, Y. and Ishwar, P.},
      • title = {Privacy-Preserving Adversarial Networks},
      • institution = {MERL - Mitsubishi Electric Research Laboratories},
      • address = {Cambridge, MA 02139},
      • number = {TR2018-196},
      • month = mar,
      • year = 2019,
      • url = {http://www.merl.com/publications/TR2018-196/}
      • }
  • MERL Contact:
  • Research Areas:

    Artificial Intelligence, Machine Learning, Signal Processing


We propose a data-driven framework for optimizing privacy-preserving data release mechanisms to attain the information-theoretically optimal tradeoff between minimizing distortion of useful data and concealing sensitive information. Our approach employs adversarially-trained neural networks to implement randomized mechanisms and to perform a variational approximation of mutual information privacy. We validate our Privacy-Preserving Adversarial Networks (PPAN) framework via experiments on discrete and continuous synthetic data, as well as the MNIST handwritten digits dataset. For synthetic data, our model-agnostic PPAN approach achieves tradeoff points very close to the optimal tradeoffs that are analytically-derived from model knowledge. In experiments with the MNIST data, we visually demonstrate a learned tradeoff between minimizing the pixel-level distortion versus concealing the written digit.