Why Should I Trust a Model is Private? Using Shifts in Model Explanation
for Evaluating Privacy-Preserving Emotion Recognition Model
- URL: http://arxiv.org/abs/2104.08792v1
- Date: Sun, 18 Apr 2021 09:56:41 GMT
- Title: Why Should I Trust a Model is Private? Using Shifts in Model Explanation
for Evaluating Privacy-Preserving Emotion Recognition Model
- Authors: Mimansa Jaiswal, Emily Mower Provost
- Abstract summary: We focus on using interpretable methods to evaluate a model's efficacy to preserve privacy with respect to sensitive variables.
We show how certain commonly-used methods that seek to preserve privacy might not align with human perception of privacy preservation.
We conduct crowdsourcing experiments to evaluate the inclination of the evaluators to choose a particular model for a given task.
- Score: 35.016050900061
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Privacy preservation is a crucial component of any real-world application.
Yet, in applications relying on machine learning backends, this is challenging
because models often capture more than a designer may have envisioned,
resulting in the potential leakage of sensitive information. For example,
emotion recognition models are susceptible to learning patterns between the
target variable and other sensitive variables, patterns that can be maliciously
re-purposed to obtain protected information. In this paper, we concentrate on
using interpretable methods to evaluate a model's efficacy to preserve privacy
with respect to sensitive variables. We focus on saliency-based explanations,
explanations that highlight regions of the input text, which allows us to
understand how model explanations shift when models are trained to preserve
privacy. We show how certain commonly-used methods that seek to preserve
privacy might not align with human perception of privacy preservation. We also
show how some of these induce spurious correlations in the model between the
input and the primary as well as secondary task, even if the improvement in
evaluation metric is significant. Such correlations can hence lead to false
assurances about the perceived privacy of the model, especially when it is
used in cross-corpus conditions. We conduct crowdsourcing experiments to
evaluate the inclination of the evaluators to choose a particular model for a
given task when model explanations are provided, and find that correlation of
interpretation differences with sociolinguistic biases can be used as a proxy
for user trust.
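As a rough illustration of the measurement the abstract describes, comparing saliency-based explanations computed for the same input under a baseline and a privacy-trained emotion model, the sketch below contrasts gradient-times-input token saliency for two toy classifiers. The model classes, the random token ids, and the gradient-times-input attribution choice are illustrative assumptions, not the paper's exact setup.

```python
# Minimal sketch: compare gradient-times-input saliency between a baseline
# emotion model and a (hypothetical) privacy-trained variant on one utterance.
import torch
import torch.nn as nn


class TinyTextClassifier(nn.Module):
    """Bag-of-embeddings classifier standing in for an emotion recognizer."""

    def __init__(self, vocab_size=1000, emb_dim=32, num_classes=4):
        super().__init__()
        self.embedding = nn.Embedding(vocab_size, emb_dim)
        self.head = nn.Linear(emb_dim, num_classes)

    def forward(self, token_ids):
        emb = self.embedding(token_ids)      # (seq_len, emb_dim)
        emb.retain_grad()                    # keep gradients for saliency
        logits = self.head(emb.mean(dim=0))  # (num_classes,)
        return logits, emb


def token_saliency(model, token_ids, target_class):
    """Gradient-times-input saliency per token for a chosen emotion class."""
    logits, emb = model(token_ids)
    logits[target_class].backward()
    return (emb.grad * emb).sum(dim=-1).abs().detach()  # (seq_len,)


baseline = TinyTextClassifier()
private = TinyTextClassifier()  # stands in for a privacy-trained variant
token_ids = torch.randint(0, 1000, (12,))  # stand-in for a tokenized utterance

s_base = token_saliency(baseline, token_ids, target_class=0)
s_priv = token_saliency(private, token_ids, target_class=0)

# A large drop in similarity between the two saliency vectors is the kind of
# explanation shift the paper inspects when judging privacy preservation.
similarity = torch.nn.functional.cosine_similarity(s_base, s_priv, dim=0)
print(f"saliency similarity between models: {similarity.item():.3f}")
```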
Related papers
- Deep Variational Privacy Funnel: General Modeling with Applications in
Face Recognition [3.351714665243138]
We develop a method for privacy-preserving representation learning using an end-to-end training framework.
We apply our model to state-of-the-art face recognition systems.
arXiv Detail & Related papers (2024-01-26T11:32:53Z)
- Decoding Susceptibility: Modeling Misbelief to Misinformation Through a Computational Approach [61.04606493712002]
Susceptibility to misinformation describes the degree of belief in unverifiable claims, which is not directly observable.
Existing susceptibility studies heavily rely on self-reported beliefs.
We propose a computational approach to model users' latent susceptibility levels.
arXiv Detail & Related papers (2023-11-16T07:22:56Z)
- PrivacyMind: Large Language Models Can Be Contextual Privacy Protection Learners [81.571305826793]
We introduce Contextual Privacy Protection Language Models (PrivacyMind)
Our work offers a theoretical analysis for model design and benchmarks various techniques.
In particular, instruction tuning with both positive and negative examples stands out as a promising method.
arXiv Detail & Related papers (2023-10-03T22:37:01Z)
- SF-PATE: Scalable, Fair, and Private Aggregation of Teacher Ensembles [50.90773979394264]
This paper studies a model that protects the privacy of individuals' sensitive information while also allowing it to learn non-discriminatory predictors.
A key characteristic of the proposed model is that it enables the adoption of off-the-shelf, non-private fair models to create a privacy-preserving and fair model.
arXiv Detail & Related papers (2022-04-11T14:42:54Z)
- Explain, Edit, and Understand: Rethinking User Study Design for Evaluating Model Explanations [97.91630330328815]
We conduct a crowdsourcing study, where participants interact with deception detection models that have been trained to distinguish between genuine and fake hotel reviews.
We observe that for a linear bag-of-words model, participants with access to the feature coefficients during training are able to cause a larger reduction in model confidence in the testing phase when compared to the no-explanation control.
arXiv Detail & Related papers (2021-12-17T18:29:56Z)
- The Influence of Dropout on Membership Inference in Differentially Private Models [0.0]
Differentially private models seek to protect the privacy of data the model is trained on.
We conduct membership inference attacks against models with and without differential privacy.
arXiv Detail & Related papers (2021-03-16T12:09:51Z)
- Robustness Threats of Differential Privacy [70.818129585404]
We experimentally demonstrate that networks trained with differential privacy might, in some settings, be even more vulnerable than their non-private versions.
We study how the main ingredients of differentially private neural network training, such as gradient clipping and noise addition, affect the robustness of the model (a minimal sketch of these two ingredients appears after this list).
arXiv Detail & Related papers (2020-12-14T18:59:24Z)
- Differentially Private and Fair Deep Learning: A Lagrangian Dual Approach [54.32266555843765]
This paper studies a model that protects the privacy of individuals' sensitive information while also allowing it to learn non-discriminatory predictors.
The method relies on the notion of differential privacy and the use of Lagrangian duality to design neural networks that can accommodate fairness constraints.
arXiv Detail & Related papers (2020-09-26T10:50:33Z)
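The differential-privacy entries above, in particular the robustness-threats paper, center on two training ingredients: per-example gradient clipping and Gaussian noise addition. The minimal sketch below shows those two steps in isolation; the clipping norm, noise multiplier, and toy linear model are illustrative assumptions rather than settings taken from any of the listed papers.

```python
# Minimal sketch of two DP-SGD ingredients: per-example gradient clipping
# followed by Gaussian noise addition before the parameter update.
import torch
import torch.nn as nn

CLIP_NORM = 1.0         # maximum L2 norm allowed per example's gradient (assumed)
NOISE_MULTIPLIER = 1.1  # noise std relative to CLIP_NORM (assumed)

model = nn.Linear(16, 2)
loss_fn = nn.CrossEntropyLoss()
xs = torch.randn(8, 16)            # toy batch of 8 examples
ys = torch.randint(0, 2, (8,))

summed_grads = [torch.zeros_like(p) for p in model.parameters()]

for x, y in zip(xs, ys):
    model.zero_grad()
    loss_fn(model(x.unsqueeze(0)), y.unsqueeze(0)).backward()
    grads = [p.grad.detach().clone() for p in model.parameters()]
    # Clip this example's gradient to an L2 norm of at most CLIP_NORM.
    total_norm = torch.sqrt(sum(g.pow(2).sum() for g in grads))
    scale = torch.clamp(CLIP_NORM / (total_norm + 1e-6), max=1.0)
    for acc, g in zip(summed_grads, grads):
        acc += g * scale

# Add Gaussian noise once per batch, then average and apply the update.
lr = 0.1
with torch.no_grad():
    for p, acc in zip(model.parameters(), summed_grads):
        noisy = acc + torch.normal(0.0, NOISE_MULTIPLIER * CLIP_NORM,
                                   size=acc.shape)
        p -= lr * noisy / len(xs)
```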