Learning Iconic Scenes with Differential Privacy

Unlocking Iconic Scenes with Enhanced Privacy Techniques

Introduction:

In this article, we discuss how we implement differential privacy (DP) to learn about the types of photos people capture at popular locations without compromising their privacy. This technique is used in various features in the Photos app, including Memories and Places. The app learns about significant people, places, and events based on the user’s library and creates curated collections of photos and videos. The selection of key photos for Memories is influenced by iconic scenes learned from iOS users, all while ensuring DP assurance. We prioritize three aspects: accommodating data changes, balancing local and central DP, and accommodating non-uniform data density. Through secure aggregation and local noise addition, we strike a balance between privacy and utility. We have successfully used this approach to learn detailed statistics for various location-category pairs, enabling better user experiences and privacy protection. There are still opportunities to improve the system further, including privacy accounting, better algorithms, and other data science tools.

Full Article: Unlocking Iconic Scenes with Enhanced Privacy Techniques

How Differential Privacy is Used in Photos to Learn About User’s Photos

Differential privacy (DP) is a privacy-preserving technique that allows researchers to learn about user behavior without accessing personally identifiable information. In the case of the Photos app, DP is applied to understand the types of photos people take at frequently visited locations, also known as iconic scenes. This information is used to enhance features like Memories and Places in iOS 17.

You May Also Like to Read  MIT News: Empowering National Security Leaders with Knowledge of Artificial Intelligence

Learning About Iconic Scenes with DP

One of the primary goals of the machine learning research behind this feature was to identify iconic scenes and the types of photos taken at those locations. This helps in selecting key photos for Memories and other features. However, the challenge is to ensure that Memories remains a compelling feature for users regardless of their location.

Accommodating Data Changes and Non-Uniform Data Density

To address the issue of changing data and non-uniform data density, the research team implemented a combination of local and central differential privacy. While local DP provides strong assurances of privacy, it requires a significant amount of noise to be added, which can limit the utility of the learned histograms. Non-uniform data density also poses challenges, as regions with higher data density provide more precise results.

Balancing Privacy with Utility

The research team found a solution by combining local noise addition with secure aggregation. In this approach, a user takes a photo at a location and the photo is annotated with common categories. The model that assigns these categories runs locally on the user’s device. A randomized location-category pair is encoded into a one-hot vector, and each bit in the vector is flipped with some probability to ensure local DP assurance.

These binary vectors are split into two shares, encrypted with different public keys, and uploaded to the server. On the server side, the leader and helper components decrypt and aggregate the shares without access to the original vectors. The resulting aggregate vectors are decoded back into location and photo categories, which are visualized on a map.

You May Also Like to Read  Exploring the Intersection of Machine Learning and Biological Research: Jennifer Doudna's Invited Talk at ICML2023

Ensuring Security and Privacy

To prevent malicious updates and maintain privacy, the research team implemented Prio validation. This validation method ensures that no single vector can be seen by any entity, preventing malicious users from corrupting the final histograms. The learned histograms satisfy a strong privacy assurance (DP epsilon=1, delta=1.5e^-7), and additional noise is added in the secure aggregation protocol to protect smaller populations.

Future Improvements

The implementation of DP in the Photos app has already improved user experiences, but there are still opportunities for further enhancement. The research team plans to focus on privacy accounting and transparency, better algorithms, and other data science tools to provide even more precise privacy assurances and improve the overall system.

Conclusion

By applying differential privacy, the Photos app can learn about the types of photos people take at iconic scenes without compromising user privacy. This approach ensures that Memories remains a compelling feature for all users, regardless of their location. The research team has successfully balanced privacy and utility by combining local noise addition with secure aggregation. This implementation has already powered ML selections for millions of users worldwide and opens up opportunities for future improvements in privacy-preserving ML research.

Summary: Unlocking Iconic Scenes with Enhanced Privacy Techniques

In this article, we explore how differential privacy (DP) is applied to protect user data while learning about the types of photos taken at popular locations in the Photos app. This ensures that personally identifiable information remains on the user’s device. By using DP, key photos are chosen for Memories and locations in Places without compromising user privacy. We discuss the three key aspects of machine learning research utilized in this feature, including accommodating data changes, balancing local and central differential privacy, and addressing non-uniform data density. We also explain how privacy is balanced with utility through techniques like secure aggregation. The article concludes by highlighting future improvements in privacy-preserving ML research.

You May Also Like to Read  Discover the Latest Social Chitchat Data with Hyunwoo Kim | November 2023

RELATED ARTICLESMORE FROM AUTHOR