聯邦學習框架下的數據安全與利用合規路徑
網絡安全與數據治理 6期
孫綺雯
(清華大學法學院,北京100084)
摘要: 日趨嚴格的個人信息保護相關法律法規,在保護個人隱私的同時,增加了企業數據流通合規的難度和成本。在聯邦學習框架中,數據不動模型動的隱私保護設計以技術促進法律的遵守,是打破數據孤島壁壘、促進隱私保護前提下數據融合協作創新的可能解。將合法原則、數據最小化原則與目的限制原則嵌入到系統開發的技術中,聯邦學習分布式協作框架以局部模型更新參數代替本地原始個人數據上傳,實現數據本地訓練存儲,達到可用不可見的個人信息保護效果。由于潛在的網絡安全攻擊以及機器學習算法黑箱的固有缺陷,聯邦學習仍然面臨著質量原則、公正原則與透明原則的挑戰。聯邦學習不是規避合規義務的手段,而是減少個人信息合規風險的可行技術措施,使用時仍然存在需要履行的個人信息保護義務,數據權屬與責任分配的確定需要綜合考量各參與方角色和個人信息處理者類型。
中圖分類號:D922.174
文獻標識碼:A
DOI:10.19358/j.issn.2097-1788.2023.06.004
引用格式:孫綺雯.聯邦學習框架下的數據安全與利用合規路徑[J].網絡安全與數據治理,2023,42(6):21-29.
文獻標識碼:A
DOI:10.19358/j.issn.2097-1788.2023.06.004
引用格式:孫綺雯.聯邦學習框架下的數據安全與利用合規路徑[J].網絡安全與數據治理,2023,42(6):21-29.
Data security and utilization compliance path under the federated learning framework
Sun Qiwen
(School of Law, Tsinghua University, Beijing 100084, China)
Abstract: The increasingly stringent laws and regulations related to personal information protection have increased the difficulty and cost of compliance in data circulation of enterprises while protecting personal privacy. Under the framework of federated learning, the privacy protection design that does not transmit the original data but only transmits the model uses technology to promote legal compliance, which can be a possible solution for data fusion and collaborative innovation under the premise of breaking the barriers of data isolation and promoting privacy protection. The legal principles, data minimization principle and purpose limitation principle, are embedded into the technical process of the system development. The distributed collaborative framework of federated learning uploads the updated parameters of the local model instead of original personal data, realizing local training and storage of data, and achieving such a great personal information protection effect that data can be utilizable while at the same time invisible. Due to potential network security attacks and inherent defects of machine learning algorithms black box, federated learning still faces the challenges of the principles of quality, fairness, and transparency. Federated learning is not a way to evade compliance obligations, but a feasible technical measure to reduce compliance risks of personal information. There still exist personal information protection obligations to be fulfilled when using federated learning framework. The determination of data ownership and responsibility allocation requires comprehensively consideration of the roles of each participant and the types of personal information processors.
Key words : federated learning; personal information protection; isolated data island; network security attack; collaborate and share
0 引言
當前人工智能發展面臨數據孤島現象與數據融合需求的矛盾,聯邦學習有助于破解數據協作創新與數據隱私保護的困境。作為基于設計隱私的分布式協作模型,聯邦學習可以在保護個人信息的前提下,使得跨組織、跨設備、跨區域的不同特征維度數據合規共享、流通、融合。在聯邦學習框架中還可以結合使用多種隱私計算技術,如多方安全計算、同態加密等,進一步加強對個人信息的保護,降低隱私泄露的安全風險。本文首先分析了聯邦學習是基于設計隱私思想的分布式協作模型,然后對聯邦學習框架在個人信息保護原則下的表現進行評價并提出建議,最后探討了聯邦學習如何促進數據合規并指出依然存在的合規風險。
本文詳細內容請下載:http://www.viuna.cn/resource/share/2000005369
作者信息:
孫綺雯
(清華大學法學院,北京100084)
此內容為AET網站原創,未經授權禁止轉載。