Show simple item record

dc.contributor.authorGraves, Laura
dc.contributor.authorNagisetty, Vineel
dc.contributor.authorGanesh, Vijay 20:01:13 (GMT) 20:01:13 (GMT)
dc.description.abstractThe Right to be Forgotten is part of the recently enacted General Data Protection Regulation law that affects any data holder that has data on European Union residents. It gives EU residents the ability to request deletion of their data. This includes training records used to train any machine learning model that data holders might own. In particular, deep neural network models are vulnerable to model inversion attacks which extract class information from a trained model. If a malicious party can mount an attack and learn private information that was meant to be forgotten, then it implies that the model owner has not properly protected their user's rights and may not be compliant with the General Data Protection Regulation law. We present a general threat model to show that simply removing training data is insufficient to protect users. We further propose and evaluate three defense mechanisms (deemed neuron removal, scattered unlearning, and class unlearning) that could help model owners protect themselves against such attacks while being compliant with regulations. We show that these defense mechanisms enable deep neural networks to forget sensitive data from trained models while maintaining model efficacy. A copy of our code, which can be used to replicate our results, can be found at
dc.subjectMachine Learningen
dc.subjectAI Securityen
dc.subjectStandards Complianceen
dc.titleDoes AI Remember? Neural Networks and the Right to be Forgottenen
uws.contributor.affiliation1Faculty of Engineeringen
uws.contributor.affiliation2Electrical and Computer Engineeringen

Files in this item


This item appears in the following Collection(s)

Show simple item record


University of Waterloo Library
200 University Avenue West
Waterloo, Ontario, Canada N2L 3G1
519 888 4883

All items in UWSpace are protected by copyright, with all rights reserved.

DSpace software

Service outages