联邦学习框架下的数据安全与利用合规路径
网络安全与数据治理 6期
孙绮雯
(清华大学法学院,北京100084)
摘要: 日趋严格的个人信息保护相关法律法规,在保护个人隐私的同时,增加了企业数据流通合规的难度和成本。在联邦学习框架中,数据不动模型动的隐私保护设计以技术促进法律的遵守,是打破数据孤岛壁垒、促进隐私保护前提下数据融合协作创新的可能解。将合法原则、数据最小化原则与目的限制原则嵌入到系统开发的技术中,联邦学习分布式协作框架以局部模型更新参数代替本地原始个人数据上传,实现数据本地训练存储,达到可用不可见的个人信息保护效果。由于潜在的网络安全攻击以及机器学习算法黑箱的固有缺陷,联邦学习仍然面临着质量原则、公正原则与透明原则的挑战。联邦学习不是规避合规义务的手段,而是减少个人信息合规风险的可行技术措施,使用时仍然存在需要履行的个人信息保护义务,数据权属与责任分配的确定需要综合考量各参与方角色和个人信息处理者类型。
中图分类号:D922.174
文献标识码:A
DOI:10.19358/j.issn.2097-1788.2023.06.004
引用格式:孙绮雯.联邦学习框架下的数据安全与利用合规路径[J].网络安全与数据治理,2023,42(6):21-29.
文献标识码:A
DOI:10.19358/j.issn.2097-1788.2023.06.004
引用格式:孙绮雯.联邦学习框架下的数据安全与利用合规路径[J].网络安全与数据治理,2023,42(6):21-29.
Data security and utilization compliance path under the federated learning framework
Sun Qiwen
(School of Law, Tsinghua University, Beijing 100084, China)
Abstract: The increasingly stringent laws and regulations related to personal information protection have increased the difficulty and cost of compliance in data circulation of enterprises while protecting personal privacy. Under the framework of federated learning, the privacy protection design that does not transmit the original data but only transmits the model uses technology to promote legal compliance, which can be a possible solution for data fusion and collaborative innovation under the premise of breaking the barriers of data isolation and promoting privacy protection. The legal principles, data minimization principle and purpose limitation principle, are embedded into the technical process of the system development. The distributed collaborative framework of federated learning uploads the updated parameters of the local model instead of original personal data, realizing local training and storage of data, and achieving such a great personal information protection effect that data can be utilizable while at the same time invisible. Due to potential network security attacks and inherent defects of machine learning algorithms black box, federated learning still faces the challenges of the principles of quality, fairness, and transparency. Federated learning is not a way to evade compliance obligations, but a feasible technical measure to reduce compliance risks of personal information. There still exist personal information protection obligations to be fulfilled when using federated learning framework. The determination of data ownership and responsibility allocation requires comprehensively consideration of the roles of each participant and the types of personal information processors.
Key words : federated learning; personal information protection; isolated data island; network security attack; collaborate and share
0 引言
当前人工智能发展面临数据孤岛现象与数据融合需求的矛盾,联邦学习有助于破解数据协作创新与数据隐私保护的困境。作为基于设计隐私的分布式协作模型,联邦学习可以在保护个人信息的前提下,使得跨组织、跨设备、跨区域的不同特征维度数据合规共享、流通、融合。在联邦学习框架中还可以结合使用多种隐私计算技术,如多方安全计算、同态加密等,进一步加强对个人信息的保护,降低隐私泄露的安全风险。本文首先分析了联邦学习是基于设计隐私思想的分布式协作模型,然后对联邦学习框架在个人信息保护原则下的表现进行评价并提出建议,最后探讨了联邦学习如何促进数据合规并指出依然存在的合规风险。
本文详细内容请下载:https://www.chinaaet.com/resource/share/2000005369
作者信息:
孙绮雯
(清华大学法学院,北京100084)
此内容为AET网站原创,未经授权禁止转载。