Privacy-Preserving Prompt Tuning for Large Language Model Services
- URL: http://arxiv.org/abs/2305.06212v1
- Date: Wed, 10 May 2023 14:41:51 GMT
- Title: Privacy-Preserving Prompt Tuning for Large Language Model Services
- Authors: Yansong Li, Zhixing Tan and Yang Liu
- Abstract summary: We propose a framework that provides privacy guarantees for Large Language Models (LLMs) services.
RAPT adopts a local privacy setting, allowing users to privatize their data locally with local differential privacy.
Despite the simplicity of our framework, experiments show that RAPT achieves competitive performance across tasks while providing privacy guarantees against adversaries.
- Score: 16.589104544849743
- License: http://creativecommons.org/licenses/by-sa/4.0/
- Abstract: Prompt tuning provides an efficient way for users to customize Large Language
Models (LLMs) with their private data in the emerging LLM service scenario.
However, the sensitive nature of private data brings the need for privacy
preservation in LLM service customization. Based on prompt tuning, we propose
Privacy-Preserving Prompt Tuning (RAPT), a framework that provides privacy
guarantees for LLM services. RAPT adopts a local privacy setting,
allowing users to privatize their data locally with local differential privacy.
As prompt tuning performs poorly when directly trained on privatized data, we
introduce a novel privatized token reconstruction task that is trained jointly
with the downstream task, allowing LLMs to learn better task-dependent
representations. Despite the simplicity of our framework, experiments show that
RAPT achieves competitive performance across tasks while providing privacy
guarantees against adversaries.
Related papers
- KnowledgeSG: Privacy-Preserving Synthetic Text Generation with Knowledge Distillation from Server [48.04903443425111]
Large language models (LLMs) facilitate many parties to fine-tune LLMs on their own private data.
Existing solutions, such as utilizing synthetic data for substitution, struggle to simultaneously improve performance and preserve privacy.
We propose KnowledgeSG, a novel client-server framework which enhances synthetic data quality and improves model performance while ensuring privacy.
arXiv Detail & Related papers (2024-10-08T06:42:28Z) - Mind the Privacy Unit! User-Level Differential Privacy for Language Model Fine-Tuning [62.224804688233]
differential privacy (DP) offers a promising solution by ensuring models are 'almost indistinguishable' with or without any particular privacy unit.
We study user-level DP motivated by applications where it necessary to ensure uniform privacy protection across users.
arXiv Detail & Related papers (2024-06-20T13:54:32Z) - PFID: Privacy First Inference Delegation Framework for LLMs [34.59282305562392]
This paper introduces a novel privacy-preservation framework named PFID for LLMs.
It addresses critical privacy concerns by localizing user data through model sharding and singular value decomposition.
arXiv Detail & Related papers (2024-06-18T03:27:09Z) - Privacy-Enhanced Database Synthesis for Benchmark Publishing [16.807486872855534]
Differential privacy has become a key method for safeguarding privacy when sharing data, but the focus has largely been on minimizing errors in aggregate queries or classification tasks.
This paper delves into the creation of privacy-preserving databases specifically for benchmarking, aiming to produce a differentially private database.
PrivBench uses sum-product networks (SPNs) to partition and sample data, enhancing data representation while securing privacy.
arXiv Detail & Related papers (2024-05-02T14:20:24Z) - DP-OPT: Make Large Language Model Your Privacy-Preserving Prompt Engineer [57.04801796205638]
Large Language Models (LLMs) have emerged as dominant tools for various tasks.
However, concerns surrounding data privacy present obstacles due to the tuned prompts' dependency on sensitive private information.
We present Differentially-Private Offsite Prompt Tuning (DP-OPT) to address this challenge.
arXiv Detail & Related papers (2023-11-27T02:01:10Z) - PrivacyMind: Large Language Models Can Be Contextual Privacy Protection Learners [81.571305826793]
We introduce Contextual Privacy Protection Language Models (PrivacyMind)
Our work offers a theoretical analysis for model design and benchmarks various techniques.
In particular, instruction tuning with both positive and negative examples stands out as a promising method.
arXiv Detail & Related papers (2023-10-03T22:37:01Z) - Hide and Seek (HaS): A Lightweight Framework for Prompt Privacy
Protection [6.201275002179716]
We introduce the HaS framework, where "H(ide)" and "S(eek)" represent its two core processes: hiding private entities for anonymization and seeking private entities for de-anonymization.
To quantitatively assess HaS's privacy protection performance, we propose both black-box and white-box adversarial models.
arXiv Detail & Related papers (2023-09-06T14:54:11Z) - Private Reinforcement Learning with PAC and Regret Guarantees [69.4202374491817]
We design privacy preserving exploration policies for episodic reinforcement learning (RL)
We first provide a meaningful privacy formulation using the notion of joint differential privacy (JDP)
We then develop a private optimism-based learning algorithm that simultaneously achieves strong PAC and regret bounds, and enjoys a JDP guarantee.
arXiv Detail & Related papers (2020-09-18T20:18:35Z) - PGLP: Customizable and Rigorous Location Privacy through Policy Graph [68.3736286350014]
We propose a new location privacy notion called PGLP, which provides a rich interface to release private locations with customizable and rigorous privacy guarantee.
Specifically, we formalize a user's location privacy requirements using a location policy graph, which is expressive and customizable.
Third, we design a private location trace release framework that pipelines the detection of location exposure, policy graph repair, and private trajectory release with customizable and rigorous location privacy.
arXiv Detail & Related papers (2020-05-04T04:25:59Z) - PrivEdge: From Local to Distributed Private Training and Prediction [43.02041269239928]
PrivEdge is a technique for privacy-preserving Machine Learning (ML)
PrivEdge safeguards the privacy of users who provide their data for training, as well as users who use the prediction service.
We show that PrivEdge has high precision and recall in preserving privacy, as well as in distinguishing between private and non-private images.
arXiv Detail & Related papers (2020-04-12T09:26:12Z)
This list is automatically generated from the titles and abstracts of the papers in this site.