Privacy in Machine Learning and Artificial Intelligence

FAIM 2018 Workshop | Stockholm, July 15 | Stockholmmässan Stockholm



The one-day workshop focuses on the technical aspects of privacy research with invited and contributed talks by distinguished researchers in the area. We will conclude the workshop with a panel discussion about ethical and regulatory aspects. The programme of the workshop will emphasize the diversity of points of view on the problem of privacy, exemplified by the approaches pursued by specific sub-communities scattered across the different meetings comprising the Federated Artificial Intelligence Meeting. We will also ensure there is ample time for discussions that encourage networking between researchers from these different sub-communities, which should result in mutually beneficial new long-term collaborations.

Invited Speakers

  • Úlfar Erlingsson (Google)
  • Catuscia Palamidessi (INRIA)
  • Pınar Yolum (Utrecht)


8.45 Welcome and Introduction
9.00 Invited talk: Pınar Yolum
09.50 Contributed Talk
10.10 Contributed Talk
10.30 Coffee Break + Poster Session
11.00 Poster Spotlights
12.00 Lunch break + Poster Session
13.30 Invited Talk
14.20 Contributed Talks
15.30 Coffee Break + Poster Session
16.00 Invited Talk
16.50 Contributed Talk + Panel
17.45 Wrap Up

Accepted Papers

Martin Bertran, Natalia Martinez, Afroditi Papadaki, Qiang Qiu, Miguel Rodrigues, Guillermo Sapiro
Learning and Deciding Our Own Privacy in a Collaborative System
Ahmed Salem, Yang Zhang, Mathias Humbert, Pascal Berrang, Mario Fritz, Michael Backes
Revisiting Membership Inference Attacks Against Machine Learning Models
Seda Gurses, Rebekah Overdorf, Ero Balsa
POTs: The revolution will not be optimized?
Abdurrahman Can Kurtan, Pınar Yolum
PELTE: Privacy Estimation of Images from Tags
Maria-Florina Balcan, Travis Dick, Ellen Vitercik
Dispersion for Private Optimization of Piecewise Lipschitz Functions
Phillipp Schoppmann, Hendrik Borchert, Bjorn Scheuermann
Distributed Linear Regression with Differential Privacy
Sam Leroux, Tim Verbelen, Pieter Simoens, Bart Dhoedt
Privacy Aware Offloading of Deep Neural Networks
Adria Gascon, Borja Balle, Phillipp Schoppmann
Private Nearest Neighbors Classification in Federated Databases
Joonas Jalko, Antti Honkela, Samuel Kaski
Privacy-aware data sharing
Jamie Hayes, Luca Melis, George Danezis, Emiliano De Cristofaro
LOGAN: Membership Inference Attacks Against Generative Models
Chong Huang, Peter Kairouz, Xiao Chen, Lalitha Sankar, Ram Rajagopal
Generative Adversarial Privacy
Zhenyu Wu, Zhangyang Wang, Zhaowen Wang, Hailin Jin
Towards Privacy-Preserving Visual Recognition via Adversarial Training
Vasyl Pihur, Aleksandra Korolova, Frederick Liu, Subhash Sankuratripati, Moti Yung, Dachuan Huang, Ruogu Zeng
Differentially-private "Draw and Discard" Machine Learning
Raman Arora, Vladimir Braverman, Jalaj Upadhyay
Differentially Private Robust PCA
Aaron Schein, Zhiwei Steven Wu, Alexandra Schofield, Mingyuan Zhou, Hanna Wallach
Locally Private Bayesian Inference for Count Models
Eleftheria Makri, Dragos Rotaru, Nigel Smart, Frederik Vercauteren
EPIC: Efficient Private Image Classification (or: Learning from the Masters)
Niki Kilbertus, Adria Gascon, Matt Kusner, Michael Veale, Krishna Gummadi, Adrian Weller
Blind Justice: Fairness with Encrypted Sensitive Attributes
Amartya Sanyal, Matt Kusner, Adria Gascon, Varun Kanade
Encrypted Prediction as a Service
Teppo Niinimaki, Mikko Heikkila, Samuel Kaski, Antti Honkela
Deep Transfer Learning of Representations for Differentially Private Learning
Matthias Matousek, Christoph Bosch, Frank Kargl
Privacy-Preserving Decision Trees
Kyle Fritchman, Rafael Dowsley, Tyler Hughes, Martine De Cock, Anderson Nascimento, Ankur Teredesai
Privacy-Preserving Scoring of Tree Ensembles: A Novel Framework for AI in Healthcare

Travel Grants

Grants are available to help partially cover the travel expenses of students and researchers attending the workshop. Each grant will reimburse registration costs and travel expenses up to a maximum of 700 euros. We might be unable to provide awards to all applicants, in which case awards will be determined by the organizers based on the application material.

Applications are due on June 4, 2018.

An application for a travel award will consist of a single PDF file with a justification of financial needs, a summary of research interests, and a brief discussion of why the applicant will benefit from participating in the workshop. Please send your applications to with the subject title "PiMLAI Travel Grant".

Call For Papers & Important Dates

Abstract submission: May 14, 2018 (11:59pm CET)
Notification of acceptance: May 29, 2018
Late breaking results submissions: June 15, 2018
Notification of acceptance: June 20, 2018
Workshop: July 15, 2018

We invite submissions of recent work on privacy in machine learning and artificial intelligence, both theory and application-oriented. Similarly to how ICML, IJCAI, AAMAS, and other FAIM workshops are organized, all accepted abstracts will be part of a poster session held during the workshop. Additionally, the PC will select a subset of the abstracts for short oral presentations. At least one author of each accepted abstract is expected to represent it at the workshop.

Submissions in the form of extended abstracts must be at most 2 pages long (not including references) and adhere to the ICML format. We do accept submissions of work recently published or currently under review. Submissions do not need to be anonymized. The workshop will not have formal proceedings, but authors of accepted abstracts can choose to have their work published on the workshop webpage.

Solicited topics include, but are not limited to:

  • Differential privacy: theory, applications, and implementations

  • Privacy in internet of things and multi-agent systems

  • Privacy-preserving machine learning

  • Trade-offs between privacy and utility

  • Programming languages for privacy-preserving data analysis

  • Statistical notions of privacy, including relaxations of differential privacy

  • Empirical and theoretical comparisons between different notions of privacy

  • Privacy attacks

  • Policy-making aspects of data privacy

  • Secure multi-party computation techniques for machine learning

  • Learning on encrypted data, homomorphic encryption

  • Distributed privacy-preserving algorithms

  • Normative approaches to privacy in AI

  • Privacy in autonomous systems

  • Online social networks privacy


Workshop organizers

  • Borja Balle (Amazon Research Cambridge)
  • Antti Honkela (University of Helsinki)
  • Kamalika Chaudhuri (UCSD CSE)
  • Beyza Ermis (Amazon Research Berlin)
  • Jose Such (King's College London)
  • Mijung Park (MPI Tuebingen)

Program Committee

  • Adria Gascon (Turing Institute)
  • Anand Sarwate (Rutgers University)
  • Aurelien Bellet (INRIA)
  • Carmela Troncoso (EPFL)
  • Christos Dimitrakakis (Chalmers University)
  • Emiliano De Cristofaro (UCL)
  • Gaurav Misra (University of New South Wales)
  • Joseph Geumlek (UCSD CSE)
  • Marco Gaboardi (University of Buffalo, SUNY)
  • Maziar Gomrokchi (McGill University)
  • Michael Brueckner (Amazon Research Berlin)
  • Nadin Kokciyan (King's College London)
  • Olya Ohrimenko (Microsoft Research)
  • Ozgur Kafali (University of Kent)
  • Pauline Anthonysamy (Google)
  • Peter Kairouz (Stanford University)
  • Phillipp Schoppmann (Humboldt)
  • Pradeep Murukannaiah (Rochester Institute of Technology)
  • Shuang Song (UCSD CSE)
  • Yu-Xiang Wang (Amazon AWS)
