FinP: Fairness-in-Privacy in Federated Learning by Addressing Disparities in Privacy Risk
Tianyu Zhao, Mahmoud Srewa, Salma Elmalaki
TL;DR
This work tackles fairness in privacy for federated learning by addressing disparities in privacy risk across clients, focusing on source inference attacks. It introduces FinP, a two-pronged framework combining server-side adaptive aggregation with client-side regularization to reduce overfitting and thus privacy vulnerability. Through experiments on HAR and CIFAR-10, FinP improves fairness in privacy (e.g., substantial equal-opportunity gains on CIFAR-10) while maintaining near-baseline utility. The approach offers a practical alternative to differential privacy, achieving stronger fairness in privacy without prohibitive utility loss and with adaptable server-side and client-side components for real-world FL deployments.
Abstract
Ensuring fairness in machine learning extends to the critical dimension of privacy, particularly in human-centric federated learning (FL) settings where decentralized data necessitates an equitable distribution of privacy risk across clients. This paper introduces FinP, a novel framework specifically designed to address disparities in privacy risk by mitigating disproportionate vulnerability to source inference attacks (SIA). FinP employs a two-pronged strategy: (1) server-side adaptive aggregation, which dynamically adjusts client contributions to the global model to foster fairness, and (2) client-side regularization, which enhances the privacy robustness of individual clients. This comprehensive approach directly tackles both the symptoms and underlying causes of privacy unfairness in FL. Extensive evaluations on the Human Activity Recognition (HAR) and CIFAR-10 datasets demonstrate FinP's effectiveness, achieving improvement in fairness-in-privacy on HAR and CIFAR-10 with minimal impact on utility. FinP improved group fairness with respect to disparity in privacy risk using equal opportunity in CIFAR-10 by 57.14% compared to the state-of-the-art. Furthermore, FinP significantly mitigates SIA risks on CIFAR-10, underscoring its potential to establish fairness in privacy within FL systems without compromising utility.