Kaihe Xu,Hao Yue,Linke Guo,Yuanxiong Guo,Yuguang Fang

DOI: https://doi.org/10.1109/icdcs.2015.40

2015-06-01

Abstract:Machine learning has played an increasing important role in big data systems due to its capability of efficiently discovering valuable knowledge and hidden information. Often times big data such as healthcare systems or financial systems may involve with multiple organizations who may have different privacy policy, and may not explicitly share their data publicly while joint data processing may be a must. Thus, how to share big data among distributed data processing entities while mitigating privacy concerns becomes a challenging problem. Traditional methods rely on cryptographic tools and/or randomization to preserve privacy. Unfortunately, this alone may be inadequate for the emerging big data systems because they are mainly designed for traditional small-scale data sets. In this paper, we propose a novel framework to achieve privacy-preserving machine learning where the training data are distributed and each shared data portion is of large volume. Specifically, we utilize the data locality property of Apache Hadoop architecture and only a limited number of cryptographic operations at the Reduce() procedures to achieve privacy-preservation. We show that the proposed scheme is secure in the semi-honest model and use extensive simulations to demonstrate its scalability and correctness.

Fadila Zerka,Samir Barakat,Sean Walsh,Marta Bogowicz,Ralph T H Leijenaar,Arthur Jochems,Benjamin Miraglio,David Townend,Philippe Lambin

DOI: https://doi.org/10.1200/CCI.19.00047

Abstract:Big data for health care is one of the potential solutions to deal with the numerous challenges of health care, such as rising cost, aging population, precision medicine, universal health coverage, and the increase of noncommunicable diseases. However, data centralization for big data raises privacy and regulatory concerns.Covered topics include (1) an introduction to privacy of patient data and distributed learning as a potential solution to preserving these data, a description of the legal context for patient data research, and a definition of machine/deep learning concepts; (2) a presentation of the adopted review protocol; (3) a presentation of the search results; and (4) a discussion of the findings, limitations of the review, and future perspectives.Distributed learning from federated databases makes data centralization unnecessary. Distributed algorithms iteratively analyze separate databases, essentially sharing research questions and answers between databases instead of sharing the data. In other words, one can learn from separate and isolated datasets without patient data ever leaving the individual clinical institutes.Distributed learning promises great potential to facilitate big data for medical application, in particular for international consortiums. Our purpose is to review the major implementations of distributed learning in health care.

Yeongjae Gil,Xiaoqian Jiang,Miran Kim,Junghye Lee

DOI: https://doi.org/10.48550/arXiv.2005.11007

2020-05-22

Abstract:Data integration and sharing maximally enhance the potential for novel and meaningful discoveries. However, it is a non-trivial task as integrating data from multiple sources can put sensitive information of study participants at risk. To address the privacy concern, we present a distributed Bayesian learning approach via Preconditioned Stochastic Gradient Langevin Dynamics with RMSprop, which combines differential privacy and homomorphic encryption in a harmonious manner while protecting private information. We applied the proposed secure and privacy-preserving distributed Bayesian learning approach to logistic regression and survival analysis on distributed data, and demonstrated its feasibility in terms of prediction accuracy and time complexity, compared to the centralized approach.

Cryptography and Security,Machine Learning

Jasmin Zalonis,Frederik Armknecht,Björn Grohmann,Manuel Koch

DOI: https://doi.org/10.48550/arXiv.2201.11406

2022-01-27

Abstract:Machine Learning on Big Data gets more and more attention in various fields. Even so privacy-preserving techniques become more important, even necessary due to legal regulations such as the General Data Protection Regulation (GDPR). On the other hand data is often distributed among various parties. Especially in the medical context there are several data holders, e.g. hospitals and we need to deal with highly sensitive values. A real world scenario would be data that is held in an electronic patient record that is available in many countries by now. The medical data is encrypted. Users (e.g. physicians, hospitals) can only decrypt the data after patient authorization. One of the main questions concerning this scenario is whether it is possible to process the data for research purposes without violating the privacy of the data owner. We want to evaluate which cryptographic mechanism - homomorphic encryption, multiparty computation or trusted execution environements - can be used for this task.

Cryptography and Security

Shuang Song

2018-01-01

Abstract:Author(s): Song, Shuang | Advisor(s): Chaudhuri, Kamalika | Abstract: Modern machine learning increasingly involves personal data, such as healthcare, financial and user behavioral information. However, models trained on such data can reveal detailed information about the data and cause a serious privacy breach. Consequently, it is important to design algorithms that can analyze the sensitive data while still preserving privacy. This thesis advances the state-of-the-art of privacy-preserving machine learning in the following two major aspects.First, this thesis addresses the challenges in differentially private large-scale machine learning. On the one hand, with a large amount of sensitive user data, privacy-preserving learning algorithms are expected to achieve improved utility. On the other hand, big data imposes additional challenges, including performance (a.k.a Volume), data noise (a.k.a Veracity), a large number of classes and distributed sources (a.k.a Variety). This thesis presents (1) private versions of the widely used stochastic gradient descent (SGD) algorithm with generalization to data from multiple sources of different privacy requirements, and (2) an improved version of the Private Aggregation of Teacher Ensembles (PATE) framework which can scale to learning tasks with a large number of output classes and uncurated, imbalanced training data.Second, this thesis considers privacy-preserving data analysis beyond tabular data. Differential privacy is best suited for tabular data, where each record corresponds to all the information about an individual and records are independent of each other. However, many real-world applications involve non-tabular sensitive data, such as epidemic transmission graphs and measurement of the physical activity of a single subject across time. To analyze disease transmission graphs, or more general, graphs with sensitive information stored in each node, this thesis considers privacy-preserving continual release of graph statistics, such as the percentages of highly-active patients over time. The proposed algorithm outperforms the baselines in utility over a range of parameters. For physical activity measurement, or more generally, data with correlation, this thesis looks at a recent generalization of differential privacy, called Pufferfish privacy, that addresses privacy concerns in correlated data. Two mechanisms that work under different scenarios are proposed, and one of them is evaluated on real and synthetic time-series data.

Olivia Choudhury,Aris Gkoulalas-Divanis,Theodoros Salonidis,Issa Sylla,Yoonyoung Park,Grace Hsu,Amar Das

DOI: https://doi.org/10.48550/arXiv.1910.02578

2020-02-27

Abstract:Leveraging real-world health data for machine learning tasks requires addressing many practical challenges, such as distributed data silos, privacy concerns with creating a centralized database from person-specific sensitive data, resource constraints for transferring and integrating data from multiple sites, and risk of a single point of failure. In this paper, we introduce a federated learning framework that can learn a global model from distributed health data held locally at different sites. The framework offers two levels of privacy protection. First, it does not move or share raw data across sites or with a centralized server during the model training process. Second, it uses a differential privacy mechanism to further protect the model from potential privacy attacks. We perform a comprehensive evaluation of our approach on two healthcare applications, using real-world electronic health data of 1 million patients. We demonstrate the feasibility and effectiveness of the federated learning framework in offering an elevated level of privacy and maintaining utility of the global model.

Machine Learning,Cryptography and Security

Vinith M. Suriyakumar,Nicolas Papernot,Anna Goldenberg,Marzyeh Ghassemi

DOI: https://doi.org/10.48550/arXiv.2010.06667

2020-10-14

Abstract:Machine learning models in health care are often deployed in settings where it is important to protect patient privacy. In such settings, methods for differentially private (DP) learning provide a general-purpose approach to learn models with privacy guarantees. Modern methods for DP learning ensure privacy through mechanisms that censor information judged as too unique. The resulting privacy-preserving models, therefore, neglect information from the tails of a data distribution, resulting in a loss of accuracy that can disproportionately affect small groups. In this paper, we study the effects of DP learning in health care. We use state-of-the-art methods for DP learning to train privacy-preserving models in clinical prediction tasks, including x-ray classification of images and mortality prediction in time series data. We use these models to perform a comprehensive empirical investigation of the tradeoffs between privacy, utility, robustness to dataset shift, and fairness. Our results highlight lesser-known limitations of methods for DP learning in health care, models that exhibit steep tradeoffs between privacy and utility, and models whose predictions are disproportionately influenced by large demographic groups in the training data. We discuss the costs and benefits of differentially private learning in health care.

Machine Learning,Cryptography and Security,Computers and Society

Shakir Khan,Nabamita Deb,Nashwan Adnan Othman,V. Saravanan,Gnanaprakasam C. N,T. Jaya Lakshmi

DOI: https://doi.org/10.1155/2022/9985933

IF: 3.12

2022-03-24

Computational Intelligence and Neuroscience

Abstract:With the rapid development of mobile medical care, medical institutions also have the hidden danger of privacy leakage while sharing personal medical data. Based on the k-anonymity and l-diversity supervised models, it is proposed to use the classified personalized entropy l-diversity privacy protection model to protect user privacy in a fine-grained manner. By distinguishing solid and weak sensitive attribute values, the constraints on sensitive attributes are improved, and the sensitive information is reduced for the leakage probability of vital information to achieve the safety of medical data sharing. This research offers a customized information entropy l-diversity model and performs experiments to tackle the issues that the information entropy l-diversity model does not discriminate between strong and weak sensitive features. Data analysis and experimental results show that this method can minimize execution time while improving data accuracy and service quality, which is more effective than existing solutions. The limits of solid and weak on sensitive qualities are enhanced, sensitive data are reduced, and the chance of crucial data leakage is lowered, all of which contribute to the security of healthcare data exchange. This research offers a customized information entropy l-diversity model and performs experiments to tackle the issues that the information entropy l-diversity model does not discriminate between strong and weak sensitive features. The scope of this research is that this paper enhances data accuracy while minimizing the algorithm’s execution time.

mathematical & computational biology,neurosciences

Kieran Chin-Cheong,Thomas Sutter,Julia E. Vogt

DOI: https://doi.org/10.48550/arXiv.2006.03423

2020-06-05

Abstract:Electronic Health Records (EHRs) are commonly used by the machine learning community for research on problems specifically related to health care and medicine. EHRs have the advantages that they can be easily distributed and contain many features useful for e.g. classification problems. What makes EHR data sets different from typical machine learning data sets is that they are often very sparse, due to their high dimensionality, and often contain heterogeneous (mixed) data types. Furthermore, the data sets deal with sensitive information, which limits the distribution of any models learned using them, due to privacy concerns. For these reasons, using EHR data in practice presents a real challenge. In this work, we explore using Generative Adversarial Networks to generate synthetic, heterogeneous EHRs with the goal of using these synthetic records in place of existing data sets for downstream classification tasks. We will further explore applying differential privacy (DP) preserving optimization in order to produce DP synthetic EHR data sets, which provide rigorous privacy guarantees, and are therefore shareable and usable in the real world. The performance (measured by AUROC, AUPRC and accuracy) of our model's synthetic, heterogeneous data is very close to the original data set (within 3 - 5% of the baseline) for the non-DP model when tested in a binary classification task. Using strong $(1, 10^{-5})$ DP, our model still produces data useful for machine learning tasks, albeit incurring a roughly 17% performance penalty in our tested classification task. We additionally perform a sub-population analysis and find that our model does not introduce any bias into the synthetic EHR data compared to the baseline in either male/female populations, or the 0-18, 19-50 and 51+ age groups in terms of classification performance for either the non-DP or DP variant.

Machine Learning

Erik-Jan van Kesteren,Chang Sun,Daniel L. Oberski,Michel Dumontier,Lianne Ippel

DOI: https://doi.org/10.48550/arXiv.1911.03183

2019-11-08

Abstract:Combining data from varied sources has considerable potential for knowledge discovery: collaborating data parties can mine data in an expanded feature space, allowing them to explore a larger range of scientific questions. However, data sharing among different parties is highly restricted by legal conditions, ethical concerns, and / or data volume. Fueled by these concerns, the fields of cryptography and distributed learning have made great progress towards privacy-preserving and distributed data mining. However, practical implementations have been hampered by the limited scope or computational complexity of these methods. In this paper, we greatly extend the range of analyses available for vertically partitioned data, i.e., data collected by separate parties with different features on the same subjects. To this end, we present a novel approach for privacy-preserving generalized linear models, a fundamental and powerful framework underlying many prediction and classification procedures. We base our method on a distributed block coordinate descent algorithm to obtain parameter estimates, and we develop an extension to compute accurate standard errors without additional communication cost. We critically evaluate the information transfer for semi-honest collaborators and show that our protocol is secure against data reconstruction. Through both simulated and real-world examples we illustrate the functionality of our proposed algorithm. Without leaking information, our method performs as well on vertically partitioned data as existing methods on combined data -- all within mere minutes of computation time. We conclude that our method is a viable approach for vertically partitioned data analysis with a wide range of real-world applications.

Machine Learning,Cryptography and Security,Distributed, Parallel, and Cluster Computing

Tsung-Ting Kuo,Lucila Ohno-Machado

DOI: https://doi.org/10.48550/arXiv.1802.01746

2018-02-06

Abstract:Cross-institutional healthcare predictive modeling can accelerate research and facilitate quality improvement initiatives, and thus is important for national healthcare delivery priorities. For example, a model that predicts risk of re-admission for a particular set of patients will be more generalizable if developed with data from multiple institutions. While privacy-protecting methods to build predictive models exist, most are based on a centralized architecture, which presents security and robustness vulnerabilities such as single-point-of-failure (and single-point-of-breach) and accidental or malicious modification of records. In this article, we describe a new framework, ModelChain, to adapt Blockchain technology for privacy-preserving machine learning. Each participating site contributes to model parameter estimation without revealing any patient health information (i.e., only model data, no observation-level data, are exchanged across institutions). We integrate privacy-preserving online machine learning with a private Blockchain network, apply transaction metadata to disseminate partial models, and design a new proof-of-information algorithm to determine the order of the online learning process. We also discuss the benefits and potential issues of applying Blockchain technology to solve the privacy-preserving healthcare predictive modeling task and to increase interoperability between institutions, to support the Nationwide Interoperability Roadmap and national healthcare delivery priorities such as Patient-Centered Outcomes Research (PCOR).

Computers and Society,Cryptography and Security

Kwabena Owusu-Agyemang,Zhen Qin,Appiah Benjamin,Hu Xiong,Zhiguang Qin

DOI: https://doi.org/10.3934/mbe.2021243

2021-01-01

Mathematical Biosciences and Engineering

Abstract:Distributed learning over data from sensor-based networks has been adopted to collaboratively train models on these sensitive data without privacy leakages. We present a distributed learning framework that involves the integration of secure multi-party computation and differential privacy. In our differential privacy method, we explore the potential of output perturbation and gradient perturbation and also progress with the cutting-edge methods of both techniques in the distributed learning domain. In our proposed multi-scheme output perturbation algorithm (MS-OP), data owners combine their local classifiers within a secure multi-party computation and later inject an appreciable amount of statistical noise into the model before they are revealed. In our Adaptive Iterative gradient perturbation (MS-GP) method, data providers collaboratively train a global model. During each iteration, the data owners aggregate their locally trained models within the secure multi-party domain. Since the conversion of differentially private algorithms are often naive, we improve on the method by a meticulous calibration of the privacy budget for each iteration. As the parameters of the model approach the optimal values, gradients are decreased and therefore require accurate measurement. We, therefore, add a fundamental line-search capability to enable our MS-GP algorithm to decide exactly when a more accurate measurement of the gradient is indispensable. Validation of our models on three (3) real-world datasets shows that our algorithm possesses a sustainable competitive advantage over the existing cutting-edge privacy-preserving requirements in the distributed setting.

Daniel Schalk,Raphael Rehms,Verena S Hoffmann,Bernd Bischl,Ulrich Mansmann

DOI: https://doi.org/10.1186/s12874-024-02312-4

2024-08-29

Abstract:Background: Distributed statistical analyses provide a promising approach for privacy protection when analyzing data distributed over several databases. Instead of directly operating on data, the analyst receives anonymous summary statistics, which are combined into an aggregated result. Further, in discrimination model (prognosis, diagnosis, etc.) development, it is key to evaluate a trained model w.r.t. to its prognostic or predictive performance on new independent data. For binary classification, quantifying discrimination uses the receiver operating characteristics (ROC) and its area under the curve (AUC) as aggregation measure. We are interested to calculate both as well as basic indicators of calibration-in-the-large for a binary classification task using a distributed and privacy-preserving approach. Methods: We employ DataSHIELD as the technology to carry out distributed analyses, and we use a newly developed algorithm to validate the prediction score by conducting distributed and privacy-preserving ROC analysis. Calibration curves are constructed from mean values over sites. The determination of ROC and its AUC is based on a generalized linear model (GLM) approximation of the true ROC curve, the ROC-GLM, as well as on ideas of differential privacy (DP). DP adds noise (quantified by the ℓ 2 sensitivity Δ 2 ( f ^ ) ) to the data and enables a global handling of placement numbers. The impact of DP parameters was studied by simulations. Results: In our simulation scenario, the true and distributed AUC measures differ by Δ AUC < 0.01 depending heavily on the choice of the differential privacy parameters. It is recommended to check the accuracy of the distributed AUC estimator in specific simulation scenarios along with a reasonable choice of DP parameters. Here, the accuracy of the distributed AUC estimator may be impaired by too much artificial noise added from DP. Conclusions: The applicability of our algorithms depends on the ℓ 2 sensitivity Δ 2 ( f ^ ) of the underlying statistical/predictive model. The simulations carried out have shown that the approximation error is acceptable for the majority of simulated cases. For models with high Δ 2 ( f ^ ) , the privacy parameters must be set accordingly higher to ensure sufficient privacy protection, which affects the approximation error. This work shows that complex measures, as the AUC, are applicable for validation in distributed setups while preserving an individual's privacy.

Tianyu He,Peiyi Han,Shaoming Duan,Zirui Wang,Wentai Wu,Chuanyi Liu,Jianrun Han

DOI: https://doi.org/10.1016/j.future.2024.05.048

IF: 7.307

2024-01-01

Future Generation Computer Systems

Abstract:Swarm learning (SL) is an emerging promising decentralized machine learning paradigm and has achieved high performance in clinical applications. By combining edge computing and a blockchain-based peer-to-peer network, SL overcomes the challenges of a centralized structure in federated learning. Although SL has achieved impressive results assuming independent and identically distributed (IID) data across participants, it experiences performance degradation when faced with non-IID data. To this end, we propose a novel framework called DP-SL-GAN, which leverages differential generative augmentation in SL. which augments the non-IID data by generating synthetic data on each SL participant. DP-SL-GAN co-trains a differential generative model with the local target task model and integrates them periodically through a randomly elected coordinator in the SL network. Under the standard assumptions, we theoretically prove the convergence of DP-SL-GAN using stochastic approximations and provide the privacy guarantee for our method. Experimental results demonstrate that DP-SL-GAN outperforms state-of-the-art methods on three real world clinical datasets including Tuberculosis, Leukemia, COVID-19.

Alexander Krall,Daniel Finke,Hui Yang

DOI: https://doi.org/10.1109/EMBC44109.2020.9176834

Abstract:Advanced sensing technologies, driven by the Internet of Things, have caused a sharp increase in data availability within the healthcare system. The newfound availability of data offers an unprecedented opportunity to develop new analytical methods to improve the quality of patient care. Data availability, however, is a double-edged sword. Malicious attacks and data breaches are increasingly seen in the healthcare field, which result in costly disruptions to operations. Adversaries exploit analytic models to infer participation in a dataset or estimate sensitivity attributes about a target patient. This paper is aimed at developing a differentially private gradient-based mechanism and assessing its utility in mitigating the impact of these attack risks within the context of the intensive care units. Experimental results showed that this methodology is capable of greatly reducing the risk of model inversion while retaining model accuracy. Thus, health systems that employ this technique can be given more peace of mind that high-quality services can be delivered in such a way that privacy is preserved.

Naif A. Ganadily,Han J. Xia

2024-06-23

Abstract:An Electronic Health Record (EHR) is an electronic database used by healthcare providers to store patients' medical records which may include diagnoses, treatments, costs, and other personal information. Machine learning (ML) algorithms can be used to extract and analyze patient data to improve patient care. Patient records contain highly sensitive information, such as social security numbers (SSNs) and residential addresses, which introduces a need to apply privacy-preserving techniques for these ML models using federated learning and differential privacy.

Machine Learning,Cryptography and Security,Emerging Technologies

Mehdi Letafati,Safa Otoum

2023-08-21

Abstract:Metaverse-enabled digital healthcare systems are expected to exploit an unprecedented amount of personal health data, while ensuring that sensitive or private information of individuals are not disclosed. Machine learning and artificial intelligence (ML/AI) techniques can be widely utilized in metaverse healthcare systems, such as virtual clinics and intelligent consultations. In such scenarios, the key challenge is that data privacy laws might not allow virtual clinics to share their medical data with other parties. Moreover, clinical AI/ML models themselves carry extensive information about the medical datasets, such that private attributes can be easily inferred by malicious actors in the metaverse (if not rigorously privatized). In this paper, inspired by the idea of "incognito mode", which has recently been developed as a promising solution to safeguard metaverse users' privacy, we propose global differential privacy for the distributed metaverse healthcare systems. In our scheme, a randomized mechanism in the format of artificial "mix-up" noise is applied to the federated clinical ML/AI models before sharing with other peers. This way, we provide an adjustable level of distributed privacy against both the malicious actors and honest-but curious metaverse servers. Our evaluations on breast cancer Wisconsin dataset (BCWD) highlight the privacy-utility trade-off (PUT) in terms of diagnosis accuracy and loss function for different levels of privacy. We also compare our private scheme with the non-private centralized setup in terms of diagnosis accuracy.

Cryptography and Security

Yoo Jeong Ha,Minjae Yoo,Gusang Lee,Soyi Jung,Sae Won Choi,Joongheon Kim,Seehwan Yoo

DOI: https://doi.org/10.48550/arXiv.2108.10147

IF: 5.414

2021-08-20

Machine Learning

Abstract:Machine learning requires a large volume of sample data, especially when it is used in high-accuracy medical applications. However, patient records are one of the most sensitive private information that is not usually shared among institutes. This paper presents spatio-temporal split learning, a distributed deep neural network framework, which is a turning point in allowing collaboration among privacy-sensitive organizations. Our spatio-temporal split learning presents how distributed machine learning can be efficiently conducted with minimal privacy concerns. The proposed split learning consists of a number of clients and a centralized server. Each client has only has one hidden layer, which acts as the privacy-preserving layer, and the centralized server comprises the other hidden layers and the output layer. Since the centralized server does not need to access the training data and trains the deep neural network with parameters received from the privacy-preserving layer, privacy of original data is guaranteed. We have coined the term, spatio-temporal split learning, as multiple clients are spatially distributed to cover diverse datasets from different participants, and we can temporally split the learning process, detaching the privacy preserving layer from the rest of the learning process to minimize privacy breaches. This paper shows how we can analyze the medical data whilst ensuring privacy using our proposed multi-site spatio-temporal split learning algorithm on Coronavirus Disease-19 (COVID-19) chest Computed Tomography (CT) scans, MUsculoskeletal RAdiographs (MURA) X-ray images, and cholesterol levels.

Jiahao Ding,Sai Mounika Errapotu,Yuanxiong Guo,Haixia Zhang,Dongfeng Yuan,Miao Pan

DOI: https://doi.org/10.1109/tbdata.2020.2997732

2020-01-01

IEEE Transactions on Big Data

Abstract:With the wide range application of machine learning in healthcare for helping humans drive crucial decisions, data privacy becomes an inevitable concern due to the utilization of sensitive data such as patients records and registers of a company. Thus, constructing a privacy preserving machine learning model while still maintaining high accuracy becomes a challenging problem. In this article, we propose two differentially private algorithms, i.e., Output Perturbation with aGM (OPERA) and Gradient Perturbation with aGM (GRPUA) for empirical risk minimization, a useful method to obtain a globally optimal classifier, by leveraging the analytic Gaussian mechanism (aGM) to achieve privacy preservation of sensitive medical data in a healthcare system. We theoretically analyze and prove utility upper bounds of proposed algorithms and compare them with prior algorithms in the literature. The analyses show that in the high privacy regime, our proposed algorithms can achieve a tighter utility bound for both settings: strongly convex and non-strongly convex loss functions. Besides, we evaluate the proposed private algorithms on five benchmark datasets. The simulation results demonstrate that our approaches can achieve higher accuracy and lower objective values compared with existing ones in all three datasets while providing differential privacy guarantees.

Christina Heinze-Deml,Brian McWilliams,Nicolai Meinshausen

DOI: https://doi.org/10.1002/sta4.189

2017-06-27

Abstract:Privacy is crucial in many applications of machine learning. Legal, ethical and societal issues restrict the sharing of sensitive data making it difficult to learn from datasets that are partitioned between many parties. One important instance of such a distributed setting arises when information about each record in the dataset is held by different data owners (the design matrix is "vertically-partitioned"). In this setting few approaches exist for private data sharing for the purposes of statistical estimation and the classical setup of differential privacy with a "trusted curator" preparing the data does not apply. We work with the notion of $(\epsilon,\delta)$-distributed differential privacy which extends single-party differential privacy to the distributed, vertically-partitioned case. We propose PriDE, a scalable framework for distributed estimation where each party communicates perturbed random projections of their locally held features ensuring $(\epsilon,\delta)$-distributed differential privacy is preserved. For $\ell_2$-penalized supervised learning problems PriDE has bounded estimation error compared with the optimal estimates obtained without privacy constraints in the non-distributed setting. We confirm this empirically on real world and synthetic datasets.

Machine Learning,Cryptography and Security,Distributed, Parallel, and Cluster Computing