eprintid: 10052303
rev_number: 33
eprint_status: archive
userid: 608
dir: disk0/10/05/23/03
datestamp: 2018-07-16 16:51:48
lastmod: 2021-09-19 23:57:00
status_changed: 2018-10-16 10:33:43
type: article
metadata_visibility: show
creators_name: Veale, M
creators_name: Binns, R
creators_name: Edwards, L
title: Algorithms that remember: model inversion attacks and data protection law
ispublished: pub
divisions: UCL
divisions: B03
divisions: C02
keywords: model inversion, personal data, model trading, machine learning
note: © 2018 The Authors. Published by the Royal Society under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0/).
abstract: Many individuals are concerned about the governance of machine learning systems and the prevention of algorithmic harms. The EU's recent General Data Protection Regulation (GDPR) has been seen as a core tool for achieving better governance of this area. While the GDPR does apply to the use of models in some limited situations, most of its provisions relate to the governance of personal data, while models have traditionally been seen as intellectual property. We present recent work from the information security literature around ‘model inversion’ and ‘membership inference’ attacks, which indicates that the process of turning training data into machine-learned systems is not one way, and demonstrate how this could lead some models to be legally classified as personal data. Taking this as a probing experiment, we explore the different rights and obligations this would trigger and their utility, and posit future directions for algorithmic governance and regulation.
date: 2018-11-28
date_type: published
official_url: https://doi.org/10.1098/rsta.2018.0083
oa_status: green
full_text_type: pub
language: eng
primo: open
primo_central: open_green
article_type_text: Journal Article
verified: verified_manual
elements_id: 1566759
doi: 10.1098/rsta.2018.0083
language_elements: English
lyricists_name: Veale, Michael
lyricists_id: MVEAL90
actors_name: Veale, Michael
actors_id: MVEAL90
actors_role: owner
full_text_status: public
publication: Philosophical Transactions A: Mathematical, Physical and Engineering Sciences
volume: 376
number: 2133
article_number: 20180083
issn: 1364-503X
citation:        Veale, M;    Binns, R;    Edwards, L;      (2018)    Algorithms that remember: model inversion attacks and data protection law.                   Philosophical Transactions A: Mathematical, Physical and Engineering Sciences , 376  (2133)    , Article 20180083.  10.1098/rsta.2018.0083 <https://doi.org/10.1098/rsta.2018.0083>.       Green open access   
 
document_url: https://discovery-pp.ucl.ac.uk/id/eprint/10052303/1/Veale_Algorithms%20that%20Remember.%20Model%20Inversion%20Attacks%20and%20Data%20Protection%20Law_VoR.pdf