《電子技術(shù)應(yīng)用》
您所在的位置:首頁(yè) > 通信與網(wǎng)絡(luò) > 設(shè)計(jì)應(yīng)用 > 聯(lián)邦學(xué)習(xí)框架下的數(shù)據(jù)安全與利用合規(guī)路徑
聯(lián)邦學(xué)習(xí)框架下的數(shù)據(jù)安全與利用合規(guī)路徑
網(wǎng)絡(luò)安全與數(shù)據(jù)治理 6期
孫綺雯
(清華大學(xué)法學(xué)院,北京100084)
摘要: 日趨嚴(yán)格的個(gè)人信息保護(hù)相關(guān)法律法規(guī),在保護(hù)個(gè)人隱私的同時(shí),增加了企業(yè)數(shù)據(jù)流通合規(guī)的難度和成本。在聯(lián)邦學(xué)習(xí)框架中,數(shù)據(jù)不動(dòng)模型動(dòng)的隱私保護(hù)設(shè)計(jì)以技術(shù)促進(jìn)法律的遵守,是打破數(shù)據(jù)孤島壁壘、促進(jìn)隱私保護(hù)前提下數(shù)據(jù)融合協(xié)作創(chuàng)新的可能解。將合法原則、數(shù)據(jù)最小化原則與目的限制原則嵌入到系統(tǒng)開(kāi)發(fā)的技術(shù)中,聯(lián)邦學(xué)習(xí)分布式協(xié)作框架以局部模型更新參數(shù)代替本地原始個(gè)人數(shù)據(jù)上傳,實(shí)現(xiàn)數(shù)據(jù)本地訓(xùn)練存儲(chǔ),達(dá)到可用不可見(jiàn)的個(gè)人信息保護(hù)效果。由于潛在的網(wǎng)絡(luò)安全攻擊以及機(jī)器學(xué)習(xí)算法黑箱的固有缺陷,聯(lián)邦學(xué)習(xí)仍然面臨著質(zhì)量原則、公正原則與透明原則的挑戰(zhàn)。聯(lián)邦學(xué)習(xí)不是規(guī)避合規(guī)義務(wù)的手段,而是減少個(gè)人信息合規(guī)風(fēng)險(xiǎn)的可行技術(shù)措施,使用時(shí)仍然存在需要履行的個(gè)人信息保護(hù)義務(wù),數(shù)據(jù)權(quán)屬與責(zé)任分配的確定需要綜合考量各參與方角色和個(gè)人信息處理者類型。
中圖分類號(hào):D922.174
文獻(xiàn)標(biāo)識(shí)碼:A
DOI:10.19358/j.issn.2097-1788.2023.06.004
引用格式:孫綺雯.聯(lián)邦學(xué)習(xí)框架下的數(shù)據(jù)安全與利用合規(guī)路徑[J].網(wǎng)絡(luò)安全與數(shù)據(jù)治理,2023,42(6):21-29.
Data security and utilization compliance path under the federated learning framework
Sun Qiwen
(School of Law, Tsinghua University, Beijing 100084, China)
Abstract: The increasingly stringent laws and regulations related to personal information protection have increased the difficulty and cost of compliance in data circulation of enterprises while protecting personal privacy. Under the framework of federated learning, the privacy protection design that does not transmit the original data but only transmits the model uses technology to promote legal compliance, which can be a possible solution for data fusion and collaborative innovation under the premise of breaking the barriers of data isolation and promoting privacy protection. The legal principles, data minimization principle and purpose limitation principle, are embedded into the technical process of the system development. The distributed collaborative framework of federated learning uploads the updated parameters of the local model instead of original personal data, realizing local training and storage of data, and achieving such a great personal information protection effect that data can be utilizable while at the same time invisible. Due to potential network security attacks and inherent defects of machine learning algorithms black box, federated learning still faces the challenges of the principles of quality, fairness, and transparency. Federated learning is not a way to evade compliance obligations, but a feasible technical measure to reduce compliance risks of personal information. There still exist personal information protection obligations to be fulfilled when using federated learning framework. The determination of data ownership and responsibility allocation requires comprehensively consideration of the roles of each participant and the types of personal information processors.
Key words : federated learning; personal information protection; isolated data island; network security attack; collaborate and share

0     引言

當(dāng)前人工智能發(fā)展面臨數(shù)據(jù)孤島現(xiàn)象與數(shù)據(jù)融合需求的矛盾,聯(lián)邦學(xué)習(xí)有助于破解數(shù)據(jù)協(xié)作創(chuàng)新與數(shù)據(jù)隱私保護(hù)的困境。作為基于設(shè)計(jì)隱私的分布式協(xié)作模型,聯(lián)邦學(xué)習(xí)可以在保護(hù)個(gè)人信息的前提下,使得跨組織、跨設(shè)備、跨區(qū)域的不同特征維度數(shù)據(jù)合規(guī)共享、流通、融合。在聯(lián)邦學(xué)習(xí)框架中還可以結(jié)合使用多種隱私計(jì)算技術(shù),如多方安全計(jì)算、同態(tài)加密等,進(jìn)一步加強(qiáng)對(duì)個(gè)人信息的保護(hù),降低隱私泄露的安全風(fēng)險(xiǎn)。本文首先分析了聯(lián)邦學(xué)習(xí)是基于設(shè)計(jì)隱私思想的分布式協(xié)作模型,然后對(duì)聯(lián)邦學(xué)習(xí)框架在個(gè)人信息保護(hù)原則下的表現(xiàn)進(jìn)行評(píng)價(jià)并提出建議,最后探討了聯(lián)邦學(xué)習(xí)如何促進(jìn)數(shù)據(jù)合規(guī)并指出依然存在的合規(guī)風(fēng)險(xiǎn)。


本文詳細(xì)內(nèi)容請(qǐng)下載:http://ihrv.cn/resource/share/2000005369




作者信息:

孫綺雯

(清華大學(xué)法學(xué)院,北京100084)


微信圖片_20210517164139.jpg

此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。