UP | HOME

Re-evaluating The Privacy Benefit of Federated Learning

Abstract

Federated Learning’s (FL) main attractive privacy feature of data localisation only holds if FL participants can trust the coordinating server not to carry out data reconstruction attacks, under both honest-but-curious as well as actively malicious threat models. Motivated by our study of the FL system present in Gboard’s virtual keyboard, we provide a reassessment of FL’s added privacy benefit, and point to three aspects of FL whose affect on privacy requires further research, namely the model architecture, the high levels of trust required to maintain privacy, and vulnerabilities in concrete implementations of the FL protocol.

Details

The full paper can be found here The paper has been accepted for publication in 1st Workshop on Advancements in Federated Learning at ECML PKDD 2023.