Securing Artificial Intelligence TC (SAI); Privacy aspects of AI/ML systems

Abstract

The purpose of this work item is to identify the role of privacy as one of the components of the Security of AI and proceed with the attempt to define Privacy in the context of AI that covers both, safeguarding models and protecting data, as well as the role of privacy-sensitive data in AI solutions. It investigates and addresses the attacks and their associated remediations where applicable, considering the existence of multiple levels of trust affecting the lifecycle of data. Appropriate means to label/protect/anonymize privacy-sensitive data elements during data collection and processing are studied aiming to protect privacy-sensitive data, while limiting AI performance impact. The investigated attack mitigations include Non-AI-Specific (traditional Security/Privacy redresses), AI/ML-specific remedies, pre-emptive remediations (“left of the boom"), and reactive responses to an adversarial activity (“right of the boom†). In addition, the anticipated delivery document will seek to align terminology with existing ETSI SAI ISG documents and studies, and will reference previously-studied privacy attacks and remediations (see ETSI GR SAI 004, ETSI GR SAI 002). The anticipated delivery document will also provide a summary of academic and industrial experience in privacy protection for AI.