Towards private and practical federated learning
While exploiting the large amounts of available data has significant economic and societal benefits, in recent years there has been a growing awareness of the privacy risks.
Many researchers are therefore looking at settings where data remains at the premises of the data owners and these data owners learn a statistical model together without revealing their own data. The best known strategies involve both encryption and noise addition, in particular encryption helps to hide intermediate results which otherwise may have leaked information unnecessarily, and noise addition ensures that no sensitive information can be inferred from the output of an algorithm. This however poses several new challenges. First, the decentralization and encryption have a significant impact on the computation and communication cost. Second, while differential privacy has emerged as a gold standard privacy notion it is insufficiently fine-grained to yield the best privacy-utility trade-off.
In this presentation, I explain in more depth these challenges and discuss recent results and ongoing work aiming to overcome these hurdles from the point of view of the objectives of the TRUMPET project, a recently started Horizon Europe project which wants to provide groups of hospitals a platform for strongly secure and privacy-preserving but still efficient federated learning.