Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Privacy-Preserving Brain-Computer Interfaces: A Systematic Review

K. Xia, W. Duch, Y. Sun, K. Xu, W. Fang, H. Luo, Y. Zhang, D. Sang, X. Xu, F-Y Wang, D. Wu

TL;DR

This systematic review identifies and classifies privacy threats in brain-computer interfaces (BCIs) and surveys protection strategies. It highlights four inferrable private-information types in BCIs—personal accounts, preferences, physical state, and proprietary models—and details data-level and model-level attacks demonstrated across EEG/ERP studies, including identity inference and sensitive trait leakage. The paper surveys protection approaches, focusing on cryptography (HE, SMC, secure processors), perturbation (differential privacy, data reconstruction), and ML-aided systems, and notes that existing BCIs work largely addresses data-level privacy with limited ML-based privacy tools. It discusses practical challenges such as cross-subject EEG variability, utility-privacy trade-offs, computation costs, and evaluation, and proposes future directions like source-free transfer learning, federated learning, disentangled perturbations, and privacy benchmarks to advance privacy-preserving BCIs. Overall, the work aims to guide researchers and industry toward privacy-conscious BCI deployment and policy development, bridging technical methods with real-world privacy needs.

Abstract

A brain-computer interface (BCI) establishes a direct communication pathway between the human brain and a computer. It has been widely used in medical diagnosis, rehabilitation, education, entertainment, etc. Most research so far focuses on making BCIs more accurate and reliable, but much less attention has been paid to their privacy. Developing a commercial BCI system usually requires close collaborations among multiple organizations, e.g., hospitals, universities, and/or companies. Input data in BCIs, e.g., electroencephalogram (EEG), contain rich privacy information, and the developed machine learning model is usually proprietary. Data and model transmission among different parties may incur significant privacy threats, and hence privacy protection in BCIs must be considered. Unfortunately, there does not exist any contemporary and comprehensive review on privacy-preserving BCIs. This paper fills this gap, by describing potential privacy threats and protection strategies in BCIs. It also points out several challenges and future research directions in developing privacy-preserving BCIs.

Privacy-Preserving Brain-Computer Interfaces: A Systematic Review

TL;DR

This systematic review identifies and classifies privacy threats in brain-computer interfaces (BCIs) and surveys protection strategies. It highlights four inferrable private-information types in BCIs—personal accounts, preferences, physical state, and proprietary models—and details data-level and model-level attacks demonstrated across EEG/ERP studies, including identity inference and sensitive trait leakage. The paper surveys protection approaches, focusing on cryptography (HE, SMC, secure processors), perturbation (differential privacy, data reconstruction), and ML-aided systems, and notes that existing BCIs work largely addresses data-level privacy with limited ML-based privacy tools. It discusses practical challenges such as cross-subject EEG variability, utility-privacy trade-offs, computation costs, and evaluation, and proposes future directions like source-free transfer learning, federated learning, disentangled perturbations, and privacy benchmarks to advance privacy-preserving BCIs. Overall, the work aims to guide researchers and industry toward privacy-conscious BCI deployment and policy development, bridging technical methods with real-world privacy needs.

Abstract

A brain-computer interface (BCI) establishes a direct communication pathway between the human brain and a computer. It has been widely used in medical diagnosis, rehabilitation, education, entertainment, etc. Most research so far focuses on making BCIs more accurate and reliable, but much less attention has been paid to their privacy. Developing a commercial BCI system usually requires close collaborations among multiple organizations, e.g., hospitals, universities, and/or companies. Input data in BCIs, e.g., electroencephalogram (EEG), contain rich privacy information, and the developed machine learning model is usually proprietary. Data and model transmission among different parties may incur significant privacy threats, and hence privacy protection in BCIs must be considered. Unfortunately, there does not exist any contemporary and comprehensive review on privacy-preserving BCIs. This paper fills this gap, by describing potential privacy threats and protection strategies in BCIs. It also points out several challenges and future research directions in developing privacy-preserving BCIs.

Paper Structure

This paper contains 22 sections, 4 figures, 2 tables.

Table of Contents

  1. Introduction
  2. Private Information in BCIs
  3. Personal Account
  4. Personal Preferences
  5. Physical State
  6. Commercial Models
  7. Privacy Threats in BCIs
  8. Overview
  9. Data-Level Privacy Threats
  10. Model-Level Privacy Threats
  11. Privacy Threats in BCIs
  12. Possible Solutions to Privacy Threats in BCIs
  13. Cryptography
  14. Perturbation
  15. Machine Learning Aided Systems
  16. ...and 7 more sections

Figures (4)

  • Figure 1: Private information in BCIs.
  • Figure 2: Flowchart of a typical BCI system, with corresponding parts and privacy threats.
  • Figure 3: Privacy threat types.
  • Figure 4: Privacy protection approaches.