Privacy Preservation through Practical Machine Unlearning
Robert Dilworth
TL;DR
The paper tackles privacy concerns in ML by evaluating practical machine unlearning methods, focusing on Naive Retraining versus Exact Unlearning via the SISA framework on the HSpam14 dataset. It compares computational cost and consistency, finding that SISA-based unlearning preserves prediction performance for large datasets but incurs higher runtime, while Naive Retraining becomes impractical as data grows. The work outlines DaRE as a removal-enabled RF, discusses potential integration with Positive Unlabeled Learning to form a PUMU framework, and highlights challenges and future research directions for privacy-preserving AI. Overall, the study demonstrates the viability of structured unlearning for privacy compliance and trust, while acknowledging substantial computational trade-offs and risks of misuse.
Abstract
Machine Learning models thrive on vast datasets, continuously adapting to provide accurate predictions and recommendations. However, in an era dominated by privacy concerns, Machine Unlearning emerges as a transformative approach, enabling the selective removal of data from trained models. This paper examines methods such as Naive Retraining and Exact Unlearning via the SISA framework, evaluating their Computational Costs, Consistency, and feasibility using the $\texttt{HSpam14}$ dataset. We explore the potential of integrating unlearning principles into Positive Unlabeled (PU) Learning to address challenges posed by partially labeled datasets. Our findings highlight the promise of unlearning frameworks like $\textit{DaRE}$ for ensuring privacy compliance while maintaining model performance, albeit with significant computational trade-offs. This study underscores the importance of Machine Unlearning in achieving ethical AI and fostering trust in data-driven systems.