Anonymizing Machine Learning Models

There is a known tension between the need to analyze personal data drive business and privacy concerns. Many protection regulations, including EU General Data Protection Regulation (GDPR) California Consumer Act (CCPA), set out strict restrictions obligations on collection processing of data. Moreover, machine learning models themselves can be used derive information, as demonstrated by recent membership attribute inference attacks. Anonymized data, however, exempt from in these regulations. It therefore desirable able create that are anonymized, thus also exempting them those obligations, addition providing better against Learning anonymized typically results significant degradation accuracy. In this work, we propose method achieve model accuracy using knowledge encoded within trained model, guiding our anonymization process minimize impact model's accuracy, call accuracy-guided anonymization. We demonstrate focusing rather than generic information loss measures, outperforms state art k-anonymity methods terms achieved utility, particular with high values k large numbers quasi-identifiers. approach has similar, sometimes even ability prevent attacks approaches based differential privacy, while averting some their drawbacks such complexity, performance overhead model-specific implementations. This makes model-guided legitimate substitute for practical creating privacy-preserving models.