Tootfinder

A Tight Context-aware Privacy Bound for Histogram Publication
Sara Saeidian (KTH Royal Institute of Technology, Inria Saclay), Ata Yavuzy{\i}lmaz (KTH Royal Institute of Technology), Leonhard Grosse (KTH Royal Institute of Technology), Georg Schuppe (SEBx), Tobias J. Oechtering (KTH Royal Institute of Technology)
https://arxiv.org/abs/2508…

A Tight Context-aware Privacy Bound for Histogram Publication
We analyze the privacy guarantees of the Laplace mechanism releasing the histogram of a dataset through the lens of pointwise maximal leakage (PML). While differential privacy is commonly used to quantify the privacy loss, it is a context-free definition that does not depend on the data distribution. In contrast, PML enables a more refined analysis by incorporating assumptions about the data distribution. We show that when the probability of each histogram bin is bounded away from zero, stronge…

9 months ago I had no plans to even try out Bluesky, because it was extremely centralized. Now, with Blacksky and others, I'm not so sure. https://privacy.thenexus.today/can-we-please-stop-arguing-about-whether-bluesky-is-decentralized/

Can we please stop arguing about whether Bluesky is decentralized?
Nobody's changing their minds at this point, and the discourse is really

Sixty-five countries sign a UN cybercrime treaty to share data and extradite suspects, despite privacy and security concerns from tech companies and activists (Lien Hoang/Nikkei Asia)
https://asia.nikkei.com/spotlight/cybe

UN cybercrime treaty signed in Hanoi despite security, privacy concerns
Countries meeting in Vietnam vow mutual help to collect data, extradite suspects

Can we make NeRF-based visual localization privacy-preserving?
Maxime Pietrantoni, Martin Humenberger, Torsten Sattler, Gabriela Csurka
https://arxiv.org/abs/2508.18971 https://…

Can we make NeRF-based visual localization privacy-preserving?
Visual localization (VL) is the task of estimating the camera pose in a known scene. VL methods, a.o., can be distinguished based on how they represent the scene, e.g., explicitly through a (sparse) point cloud or a collection of images or implicitly through the weights of a neural network. Recently, NeRF-based methods have become popular for VL. While NeRFs offer high-quality novel view synthesis, they inadvertently encode fine scene details, raising privacy concerns when deployed in cloud-bas…

FPF Submits Comments to Inform Colorado Minor Privacy Protections Rulemaking Process
https://fpf.org/blog/fpf-submits-comments-to-inform-colorado-minor-privacy-protections-rulemaking-process/
@…

What brain privacy will look like in the age of neurotech https://therecord.media/what-brain-privacy-will-look-like

Privacy-Preserving Distributed Control for a Networked Battery Energy Storage System
Mihitha Maithripala, Zongli Lin
https://arxiv.org/abs/2508.19345 https://

Privacy-Preserving Distributed Control for a Networked Battery Energy Storage System
The increasing deployment of distributed Battery Energy Storage Systems (BESSs) in modern power grids necessitates effective coordination strategies to ensure state-of-charge (SoC) balancing and accurate power delivery. While distributed control frameworks offer scalability and resilience, they also raise significant privacy concerns due to the need for inter-agent information exchange. This paper presents a novel privacy-preserving distributed control algorithm for SoC balancing in a networked…

Private Quantum Database
Giancarlo Gatti, Rihan Hai
https://arxiv.org/abs/2508.19055 https://arxiv.org/pdf/2508.19055…

Private Quantum Database
Quantum databases open an exciting new frontier in data management by offering privacy guarantees that classical systems cannot match. Traditional engines tackle user privacy, which hides the records being queried, or data privacy, which prevents a user from learning more than she has queried. We propose a quantum database that protects both by leveraging quantum mechanics: when the user measures her chosen basis, the superposition collapses and the unqueried rows become physically inaccessible…

Optimal Cox regression under federated differential privacy: coefficients and cumulative hazards
Elly K. H. Hung, Yi Yu
https://arxiv.org/abs/2508.19640 https://

Optimal Cox regression under federated differential privacy: coefficients and cumulative hazards
We study two foundational problems in distributed survival analysis: estimating Cox regression coefficients and cumulative hazard functions, under federated differential privacy constraints, allowing for heterogeneous per-sever sample sizes and privacy budgets. To quantify the fundamental cost of privacy, we derive minimax lower bounds along with matching (up to poly-logarithmic factors) upper bounds. In particular, to estimate the cumulative hazard function, we design a private tree-based algo…

Online age checks are proliferating, but so are concerns they curtail internet freedom (Barbara Ortutay/Associated Press)
https://apnews.com/article/age-verification-kids-social-media-privacy-speech-1cf99c96ab6b461cf7612d312e111e79
http://www.memeorandum.com/250828/p110#a250828p110

Tell me, when you need a photo for a document, aren't you worried that the photographer is using commercial software that will upload it somewhere, and that it will be used to train models?
I suspect the office issuing the documents isn't any better.
#privacy

Enhancing Model Privacy in Federated Learning with Random Masking and Quantization
Zhibo Xu, Jianhao Zhu, Jingwen Xu, Changze Lv, Zisu Huang, Xiaohua Wang, Muling Wu, Qi Qian, Xiaoqing Zheng, Xuanjing Huang
https://arxiv.org/abs/2508.18911

Enhancing Model Privacy in Federated Learning with Random Masking and Quantization
Experimental results across various models and tasks demonstrate that our approach not only maintains strong model performance in federated learning settings but also achieves enhanced protection of model parameters compared to baseline methods.

Federated Learning of Quantile Inference under Local Differential Privacy
Leheng Cai, Qirui Hu, Shuyuan Wu
https://arxiv.org/abs/2509.21800 https://arxiv.o…

Federated Learning of Quantile Inference under Local Differential Privacy
In this paper, we investigate federated learning for quantile inference under local differential privacy (LDP). We propose an estimator based on local stochastic gradient descent (SGD), whose local gradients are perturbed via a randomized mechanism with global parameters, making the procedure tolerant of communication and storage constraints without compromising statistical efficiency. Although the quantile loss and its corresponding gradient do not satisfy standard smoothness conditions typica…

The Double-edged Sword of LLM-based Data Reconstruction: Understanding and Mitigating Contextual Vulnerability in Word-level Differential Privacy Text Sanitization
Stephen Meisenbacher, Alexandra Klymenko, Andreea-Elena Bodea, Florian Matthes
https://arxiv.org/abs/2508.18976

The Double-edged Sword of LLM-based Data Reconstruction: Understanding and Mitigating Contextual Vulnerability in Word-level Differential Privacy Text Sanitization
Differentially private text sanitization refers to the process of privatizing texts under the framework of Differential Privacy (DP), providing provable privacy guarantees while also empirically defending against adversaries seeking to harm privacy. Despite their simplicity, DP text sanitization methods operating at the word level exhibit a number of shortcomings, among them the tendency to leave contextual clues from the original texts due to randomization during sanitization $\unicode{x2013}$…

Rao Differential Privacy
Carlos Soto
https://arxiv.org/abs/2508.17135 https://arxiv.org/pdf/2508.17135

Rao Differential Privacy
Differential privacy (DP) has recently emerged as a definition of privacy to release private estimates. DP calibrates noise to be on the order of an individuals contribution. Due to the this calibration a private estimate obscures any individual while preserving the utility of the estimate. Since the original definition, many alternate definitions have been proposed. These alternates have been proposed for various reasons including improvements on composition results, relaxations, and formaliza…

More on CBP treatment of Canadians at the US border, this time with CBP’s own statistics, which are interesting: https://www.cbc.ca/news/canada/windsor/us-canada-device-searches-1.7619944?cmp=rss

Surge in U.S. customs searches of electronic devices raises concerns about harsh treatment of Canadians | CBC News
U.S. Customs and Border Protection (CBP) reports a sharp rise in electronic device searches at crossings, raising concerns about privacy, discrimination and harsher scrutiny of Canadians. "There's a lot of fear going into the United States," a Toronto-based immigration lawyer says.

Efficient and Privacy-Protecting Background Removal for 2D Video Streaming using iPhone 15 Pro Max LiDAR
Jessica Kinnevan, Naifa Alqahtani, Toral Chauhan
https://arxiv.org/abs/2508.20250

Efficient and Privacy-Protecting Background Removal for 2D Video Streaming using iPhone 15 Pro Max LiDAR
Light Detection and Ranging (LiDAR) technology in consumer-grade mobile devices can be used as a replacement for traditional background removal and compositing techniques. Unlike approaches such as chroma keying and trained AI models, LiDAR's depth information is independent of subject lighting, and performs equally well in low-light and well-lit environments. We integrate the LiDAR and color cameras on the iPhone 15 Pro Max with GPU-based image processing. We use Apple's SwiftUI and Swift fram…

"Nobody should control the end user": Exploring Privacy Perspectives of Indian Internet Users in Light of DPDPA
Sana Athar, Devashish Gosain, Anja Feldmann, Mannat Kaur, Ha Dao
https://arxiv.org/abs/2508.17962

"Nobody should control the end user": Exploring Privacy Perspectives of Indian Internet Users in Light of DPDPA
With the rapid increase in online interactions, concerns over data privacy and transparency of data processing practices have become more pronounced. While regulations like the GDPR have driven the widespread adoption of cookie banners in the EU, India's Digital Personal Data Protection Act (DPDPA) promises similar changes domestically, aiming to introduce a framework for data protection. However, certain clauses within the DPDPA raise concerns about potential infringements on user privacy, giv…

Kmart’s use of facial recognition to tackle refund fraud unlawful, Australia's Privacy Commissioner finds
https://www.oaic.gov.au/news/media-centre/18-kmarts-use-of-facial-recognition-to-tackle-refun…

Kmart’s use of facial recognition to tackle refund fraud unlawful, Privacy Commissioner finds
The Privacy Commissioner has found that Kmart breached Australians’ privacy by collecting their personal and sensitive information through a facial recognition technology system.

CON-QA: Privacy-Preserving QA using cloud LLMs in Contract Domain
Ajeet Kumar Singh, Rajsabi Surya, Anurag Tripathi, Santanu Choudhury, Sudhir Bisane
https://arxiv.org/abs/2509.19925

CON-QA: Privacy-Preserving QA using cloud LLMs in Contract Domain
As enterprises increasingly integrate cloud-based large language models (LLMs) such as ChatGPT and Gemini into their legal document workflows, protecting sensitive contractual information - including Personally Identifiable Information (PII) and commercially sensitive clauses - has emerged as a critical challenge. In this work, we propose CON-QA, a hybrid privacy-preserving framework designed specifically for secure question answering over enterprise contracts, effectively combining local and c…

Ohhhh, hab ich gerade ein informative Website zum Thema "sicheres anonymes Surfen uvm." im Internet gefunden
https://privacy-handbuch.de/index.htm

Privacy-Preserving Performance Profiling of In-The-Wild GPUs
Ian McDougall, Michael Davies, Rahul Chatterjee, Somesh Jha, Karthikeyan Sankaralingam
https://arxiv.org/abs/2509.21762

Privacy-Preserving Performance Profiling of In-The-Wild GPUs
GPUs are the dominant platform for many important applications today including deep learning, accelerated computing, and scientific simulation. However, as the complexity of both applications and hardware increases, GPU chip manufacturers face a significant challenge: how to gather comprehensive performance characteristics and value profiles from GPUs deployed in real-world scenarios. Such data, encompassing the types of kernels executed and the time spent in each, is crucial for optimizing chi…

Apparently I missed that as of last year, Proton now has Docs (https://proton.me/drive/docs) as an alternative to real-time editing via Google Docs (or Word docs). As of now, it appears Proton only has Docs for word processing and not one like Google Sheets for spreadsheets (yet? I'll need that functionality …

Create and collaborate on docs with total privacy | Proton
Proton Docs is end-to-end encrypted so your work stays safe from data breaches, online surveillance, and can never be fed into privacy-invading AI models.

A Scenario-Oriented Survey of Federated Recommender Systems: Techniques, Challenges, and Future Directions
Yunqi Mi, Jiakui Shen, Guoshuai Zhao, Jialie Shen, Xueming Qian
https://arxiv.org/abs/2508.19620

A Scenario-Oriented Survey of Federated Recommender Systems: Techniques, Challenges, and Future Directions
Extending recommender systems to federated learning (FL) frameworks to protect the privacy of users or platforms while making recommendations has recently gained widespread attention in academia. This is due to the natural coupling of recommender systems and federated learning architectures: the data originates from distributed clients (mostly mobile devices held by users), which are highly related to privacy. In a centralized recommender system (CenRec), the central server collects clients' da…

Cory @… Doctorow in a must-read on Apple, the EU, privacy and the absolute need to get rid of facist-adjacent (or fully fascist) tech infrastructure.
https://…

Differentially-Private Decentralized Learning in Heterogeneous Multicast Networks
Amir Ziaeddini, Yauhen Yakimenka, J\"org Kliewer
https://arxiv.org/abs/2509.21688 https://…

Differentially-Private Decentralized Learning in Heterogeneous Multicast Networks
We propose a power-controlled differentially private decentralized learning algorithm designed for a set of clients aiming to collaboratively train a common learning model. The network is characterized by a row-stochastic adjacency matrix, which reflects different channel gains between the clients. In our privacy-preserving approach, both the transmit power for model updates and the level of injected Gaussian noise are jointly controlled to satisfy a given privacy and energy budget. We show tha…

Tor browser's great - but for more complete privacy protection, you need to add this
When you use the @… Browser, the only network traffic that's being masked is via the web browser. If you want more traffic anonymized and encrypted, you need to take a different approach.
🧅

Tor browser's great - but for more complete privacy protection, you need to add this
When you use the Tor Browser, the only network traffic that's being masked is via the web browser. If you want more traffic anonymized and encrypted, you need to take a different approach.

AI – I am here to help; would you like to chat?
 
 
Artificial Intelligence (AI) of one type of another is now a part of most of the applications and services we use on the Internet. In spite of AI’s helpful features, there are hidden dangers in most of the common AI applications and services. Most people are not aware that AI is not just being helpful – it is recording, storing and sharing information about our activities. This information can be helpful to autocrats in their…

Ktoś powinien zrobić diagram.
#PGP (Pretty Good Privacy) to oryginalne, własnościowe narzędzie. Z niego wyprowadzono otwarty standard #OpenPGP. Ten standard zaimplementowano w #GPG (GNU Privacy Guard), którego autorzy p…

Piracy is privacy

A Study of Privacy-preserving Language Modeling Approaches
Pritilata Saha, Abhirup Sinha
https://arxiv.org/abs/2508.15421 https://arxiv.org/pdf/2508.15421

A Study of Privacy-preserving Language Modeling Approaches
Recent developments in language modeling have increased their use in various applications and domains. Language models, often trained on sensitive data, can memorize and disclose this information during privacy attacks, raising concerns about protecting individuals' privacy rights. Preserving privacy in language models has become a crucial area of research, as privacy is one of the fundamental human rights. Despite its significance, understanding of how much privacy risk these language models p…

Anthropic requires users to accept new terms by September 28, including choosing whether new chats and coding sessions can be used to train AI models (Anthropic)
https://www.anthropic.com/news/updates-to-our-consumer-terms

Updates to Consumer Terms and Privacy Policy
Anthropic is an AI safety and research company that's working to build reliable, interpretable, and steerable AI systems.

So “MAP activist” and self admitted groomer Katie Cruz is mass reporting and privacy striking anyone who covers her. Spread the word, but be careful. She’s already threatened one YouTuber’s life over it. #fediblock #psa

RL-Finetuned LLMs for Privacy-Preserving Synthetic Rewriting
Zhan Shi, Yefeng Yuan, Yuhong Liu, Liang Cheng, Yi Fang
https://arxiv.org/abs/2508.19286 https://

RL-Finetuned LLMs for Privacy-Preserving Synthetic Rewriting
The performance of modern machine learning systems depends on access to large, high-quality datasets, often sourced from user-generated content or proprietary, domain-specific corpora. However, these rich datasets inherently contain sensitive personal information, raising significant concerns about privacy, data security, and compliance with regulatory frameworks. While conventional anonymization techniques can remove explicit identifiers, such removal may result in performance drop in downstre…

Bontebal #CDA wil encryptie en privacy offeren "laat politie meekijken in besloten telegram en signal appgroepen, etc." en Wilders #PVV gaat enigszins schrap staan voor privacy.
Wie is hier nou de grootste #fascist?…

The Privacy Paradox
Hadn’t realised that this short piece on privacy by Al Jazeera that I contributed to had aired. Apparently did mid August :)
https://www.aljazeera.com/video/aljazeerauntangles/2025/8/13/the-privacy-paradox

The Privacy Paradox
We claim to value privacy, but surrender it daily, often without knowing.

Been using Monero for 5 years now, and I can’t believe how fast the time has gone by, it feels like just yesterday I started. Over that time, I’ve even used it to pay for clothes, which might sound a bit unusual but it works, and I also use it to pay for privacy services like Mullvad and iVPN since they accept XMR.
Honestly, I’m probably one of the few people who still uses Monero on a weekly basis, not just holding it but actually spending it the way it was meant to be used, which is …

Google is phasing out its Privacy Sandbox technologies; the initiative was launched in 2019 to develop privacy-protecting tech to replace third-party cookies (Kendra Barnett/Adweek)
https://www.adweek.com/media/googles-privacy-sandbox-is-officially-dead/

Google’s Privacy Sandbox Is Officially Dead
The elimination of many remaining Privacy Sandbox APIs come six months after third-party cookies got a reprieve in Chrome.

AI Ethics Education in India: A Syllabus-Level Review of Computing Courses
Anshu M Mittal, P D Parthasarathy, Swaroop Joshi
https://arxiv.org/abs/2509.22329 https://

AI Ethics Education in India: A Syllabus-Level Review of Computing Courses
The pervasive integration of artificial intelligence (AI) across domains such as healthcare, governance, finance, and education has intensified scrutiny of its ethical implications, including algorithmic bias, privacy risks, accountability, and societal impact. While ethics has received growing attention in computer science (CS) education more broadly, the specific pedagogical treatment of {AI ethics} remains under-examined. This study addresses that gap through a large-scale analysis of 3,395 …

Want to run AI models on your laptop/PC but don't have an NVIDIA card? No problem.
#AI

Tinker with LLMs in the privacy of your own home using Llama.cpp
Hands on: Everything you need to know to build, run, serve, optimize and quantize models on your PC

hey. hey do you know the `-----BEGIN PRIVATE KEY-----` thing you see in files with key material? the files whose name ends in .pem? do you know what .pem stands for?
i just learned it stands for "Privacy-Enhanced Mail" https://en.wikipedia.org/wiki/Privacy-Enhanced_Mail

It's time for San Francisco to follow Austin's and Evanston's lead and end its Flock contract.
https://m.ai6yr.org/@ai6yr/115273074215468855

Cities reverse course on automated license plate reader cameras amid privacy concerns https://therecord.media/cities-reverse-course-on-automated-license-plate-reader-cameras

SecureV2X: An Efficient and Privacy-Preserving System for Vehicle-to-Everything (V2X) Applications
Joshua Lee, Ali Arastehfard, Weiran Liu, Xuegang Ban, Yuan Hong
https://arxiv.org/abs/2508.19115

SecureV2X: An Efficient and Privacy-Preserving System for Vehicle-to-Everything (V2X) Applications
Autonomous driving and V2X technologies have developed rapidly in the past decade, leading to improved safety and efficiency in modern transportation. These systems interact with extensive networks of vehicles, roadside infrastructure, and cloud resources to support their machine learning capabilities. However, the widespread use of machine learning in V2X systems raises issues over the privacy of the data involved. This is particularly concerning for smart-transit and driver safety application…

Whistleblower says Trump officials copied millions of Social Security numbers (Geoff Brumfiel/NPR)
https://www.npr.org/2025/08/26/nx-s1-5517977/social-security-doge-privacy
http://www.memeorandum.com/250826/p127#a250826p127

A joint investigation by Canadian privacy authorities finds TikTok collected sensitive personal data from hundreds of thousands of Canadian children under 13 (Catharine Tunney/CBC News)
https://www.cbc.ca/news/politics/tiktok-privacy-commissioners-1.7640974…

Privacy commissioners find TikTok collected sensitive data from Canadian children | CBC News
TikTok's tools to keep children off its platform were largely ineffective and the immensely popular social media app was collecting sensitive information from underage users, a joint investigation from Canadian privacy authorities found.

Tackling Federated Unlearning as a Parameter Estimation Problem
Antonio Balordi, Lorenzo Manini, Fabio Stella, Alessio Merlo
https://arxiv.org/abs/2508.19065 https://

Tackling Federated Unlearning as a Parameter Estimation Problem
Privacy regulations require the erasure of data from deep learning models. This is a significant challenge that is amplified in Federated Learning, where data remains on clients, making full retraining or coordinated updates often infeasible. This work introduces an efficient Federated Unlearning framework based on information theory, modeling leakage as a parameter estimation problem. Our method uses second-order Hessian information to identify and selectively reset only the parameters most se…

Mind the Third Eye! Benchmarking Privacy Awareness in MLLM-powered Smartphone Agents
Zhixin Lin, Jungang Li, Shidong Pan, Yibo Shi, Yue Yao, Dongliang Xu
https://arxiv.org/abs/2508.19493

Mind the Third Eye! Benchmarking Privacy Awareness in MLLM-powered Smartphone Agents
Smartphones bring significant convenience to users but also enable devices to extensively record various types of personal information. Existing smartphone agents powered by Multimodal Large Language Models (MLLMs) have achieved remarkable performance in automating different tasks. However, as the cost, these agents are granted substantial access to sensitive users' personal information during this operation. To gain a thorough understanding of the privacy awareness of these agents, we present …

Position: Human-Robot Interaction in Embodied Intelligence Demands a Shift From Static Privacy Controls to Dynamic Learning
Shuning Zhang, Hong Jia, Simin Li, Ting Dang, Yongquan `Owen' Hu, Xin Yi, Hewu Li
https://arxiv.org/abs/2509.19041

Generative Adversarial Networks Applied for Privacy Preservation in Biometric-Based Authentication and Identification
Lubos Mjachky, Ivan Homoliak
https://arxiv.org/abs/2509.20024

Generative Adversarial Networks Applied for Privacy Preservation in Biometric-Based Authentication and Identification
Biometric-based authentication systems are getting broadly adopted in many areas. However, these systems do not allow participating users to influence the way their data is used. Furthermore, the data may leak and can be misused without the users' knowledge. In this paper, we propose a new authentication method that preserves the privacy of individuals and is based on a generative adversarial network (GAN). Concretely, we suggest using the GAN for translating images of faces to a visually priva…

Apple says the UK CMA's proposed "EU-style" regulation is "bad for users and bad for developers", "undermines" privacy and security, and "hampers" innovation (Chris Vallance/BBC)
https://www.bbc.com/news/articles/ckgj9kjmvzzo

Apple warns UK against introducing tougher tech regulation
The iPhone maker is pushing back against proposed changes required by the UK competition watchdog

Crosslisted article(s) found for cs.AI. https://arxiv.org/list/cs.AI/new
[5/6]:
- Enhancing Model Privacy in Federated Learning with Random Masking and Quantization
Xu, Zhu, Xu, Lv, Huang, Wang, Wu, Qian, Zheng, Huang

Every Keystroke You Make: A Tech-Law Measurement and Analysis of Event Listeners for Wiretapping
Shaoor Munir, Nurullah Demir, Qian Li, Konrad Kollnig, Zubair Shafiq
https://arxiv.org/abs/2508.19825

Every Keystroke You Make: A Tech-Law Measurement and Analysis of Event Listeners for Wiretapping
The privacy community has a long track record of investigating emerging types of web tracking techniques. Recent work has focused on compliance of web trackers with new privacy laws such as Europe's GDPR and California's CCPA. Despite the growing body of research documenting widespread lack of compliance with new privacy laws, there is a lack of robust enforcement. Different from prior work, we conduct a tech-law analysis to map decades-old U.S. laws about interception of electronic communicati…

https://decrypt.co/341631/uks-new-digital-id-scheme-target-for-hackers
UK’s New Digital ID Scheme ‘Target for Hackers’

UK’s New Digital ID Scheme ‘Target for Hackers’
Tech experts have highlighted privacy and security risks in the UK government’s new mandatory Digital ID card scheme.

Protect your privacy – browsers and search engines
 
Surveillance has always been a core part of fascist regimes. This is still true today, but is even more dangerous due to new data aggregation and AI technologies. The Internet sites you visit and the things you search for become a part of the larger surveillance database of your activities. You can take action now to reduce the risk to yourself, your friends and your loved ones while you browse the Internet. You should start now …

Google, period-tracking app to pay combined $56 million to settle privacy claims https://therecord.media/google-flo-health-settle-privacy-class-action

Swiss government looks to undercut privacy tech, stoking fears of mass surveillance
The Swiss government could soon require service providers with more than 5,000 users to collect government-issued identification, retain subscriber data for six months and, in many cases, disable encryption.
🇨🇭 https://

Swiss government looks to undercut privacy tech, stoking fears of mass surveillance
Swiss-based providers of secure email, VPNs and other digital services say a pending government proposal would be catastrophic to their ability to protect the privacy of users.

A Model-agnostic Strategy to Mitigate Embedding Degradation in Personalized Federated Recommendation
Jiakui Shen, Yunqi Mi, Guoshuai Zhao, Jialie Shen, Xueming Qian
https://arxiv.org/abs/2508.19591

A Model-agnostic Strategy to Mitigate Embedding Degradation in Personalized Federated Recommendation
Centralized recommender systems encounter privacy leakage due to the need to collect user behavior and other private data. Hence, federated recommender systems (FedRec) have become a promising approach with an aggregated global model on the server. However, this distributed training paradigm suffers from embedding degradation caused by suboptimal personalization and dimensional collapse, due to the existence of sparse interactions and heterogeneous preferences. To this end, we propose a novel m…

Hm...
This seems interesting.
https://codeberg.org/rozodru/Bridge

Bridge
A Privacy focused and Fediverse integrated fork of Firefox

While facial recognition tech remains unregulated at the US federal level, 23 states have passed or expanded laws to restrict mass scraping of biometric data (Bobby Allyn/NPR)
https://www.npr.org/2025/08/28/nx-s1-5519756/biometrics-facial-recognition-l…

Monitoring Violations of Differential Privacy over Time
\"Onder Askin, Tim Kutta, Holger Dette
https://arxiv.org/abs/2509.20283 https://arxiv.org/pdf/…

Monitoring Violations of Differential Privacy over Time
Auditing differential privacy has emerged as an important area of research that supports the design of privacy-preserving mechanisms. Privacy audits help to obtain empirical estimates of the privacy parameter, to expose flawed implementations of algorithms and to compare practical with theoretical privacy guarantees. In this work, we investigate an unexplored facet of privacy auditing: the sustained auditing of a mechanism that can go through changes during its development or deployment. Monito…

Federated Flow Matching
Zifan Wang, Anqi Dong, Mahmoud Selim, Michael M. Zavlanos, Karl H. Johansson
https://arxiv.org/abs/2509.21250 https://arxiv.org/pdf…

Federated Flow Matching
Data today is decentralized, generated and stored across devices and institutions where privacy, ownership, and regulation prevent centralization. This motivates the need to train generative models directly from distributed data locally without central aggregation. In this paper, we introduce Federated Flow Matching (FFM), a framework for training flow matching models under privacy constraints. Specifically, we first examine FFM-vanilla, where each client trains locally with independent source …

SynPAIN: A Synthetic Dataset of Pain and Non-Pain Facial Expressions
Babak Taati, Muhammad Muzammil, Yasamin Zarghami, Abhishek Moturu, Airhossein Kazerouni, Hailey Reimer, Alex Mihailidis, Thomas Hadjistavropoulos
https://arxiv.org/abs/2507.19673

SynPAIN: A Synthetic Dataset of Pain and Non-Pain Facial Expressions
Accurate pain assessment in patients with limited ability to communicate, such as older adults with dementia, represents a critical healthcare challenge. Robust automated systems of pain detection may facilitate such assessments. Existing pain detection datasets, however, suffer from limited ethnic/racial diversity, privacy constraints, and underrepresentation of older adults who are the primary target population for clinical deployment. We present SynPAIN, a large-scale synthetic dataset conta…

CON-QA: Privacy-Preserving QA using cloud LLMs in Contract Domain
Ajeet Kumar Singh, Rajsabi Surya, Anurag Tripathi, Santanu Choudhury, Sudhir Bisane
https://arxiv.org/abs/2509.19925

CON-QA: Privacy-Preserving QA using cloud LLMs in Contract Domain
As enterprises increasingly integrate cloud-based large language models (LLMs) such as ChatGPT and Gemini into their legal document workflows, protecting sensitive contractual information - including Personally Identifiable Information (PII) and commercially sensitive clauses - has emerged as a critical challenge. In this work, we propose CON-QA, a hybrid privacy-preserving framework designed specifically for secure question answering over enterprise contracts, effectively combining local and c…

»The Privacy Theater of Hashed PII:
A 2020 MacBook Air can hash every North American phone number in four hours«
Good article that clearly shows that only hashing alone is not yet data safe. That's where HMAC belongs at the SHA-2 min. but also not to save passwords and the same.
🤷 https://

The Privacy Theater of Hashed PII
It takes a 2020 Macbook Air four hours to hash every North American phone number

EnerSwap: Large-Scale, Privacy-First Automated Market Maker for V2G Energy Trading
Ahmed Mounsf Rafik Bendada, Yacine Ghamri-Doudane
https://arxiv.org/abs/2508.18942 https://

EnerSwap: Large-Scale, Privacy-First Automated Market Maker for V2G Energy Trading
With the rapid growth of Electric Vehicle (EV) technology, EVs are destined to shape the future of transportation. The large number of EVs facilitates the development of the emerging vehicle-to-grid (V2G) technology, which realizes bidirectional energy exchanges between EVs and the power grid. This has led to the setting up of electricity markets that are usually confined to a small geographical location, often with a small number of participants. Usually, these markets are manipulated by inter…

Closer to Reality: Practical Semi-Supervised Federated Learning for Foundation Model Adaptation
Guangyu Sun, Jingtao Li, Weiming Zhuang, Chen Chen, Chen Chen, Lingjuan Lyu
https://arxiv.org/abs/2508.16568

Closer to Reality: Practical Semi-Supervised Federated Learning for Foundation Model Adaptation
Foundation models (FMs) exhibit remarkable generalization but require adaptation to downstream tasks, particularly in privacy-sensitive applications. Due to data privacy regulations, cloud-based FMs cannot directly access private edge data, limiting their adaptation. Federated learning (FL) provides a privacy-aware alternative, but existing FL approaches overlook the constraints imposed by edge devices -- namely, limited computational resources and the scarcity of labeled data. To address these…

Cory Doctorow gets it – Time to download privacy apps now
The Dictator/Fascist/Authoritarian playbook is well understood. Surveillance is a key part of the effort to dominate and punish individuals who engage in legal dissent or opposition. The recent decision by Apple and Google to remove the ICEBlock application from their app stores is a good example of how this control plays out.
Our mobile phones are the main platform that we use to send and receive text and email messages.…

Towards the ideals of Self-Recovery and Metadata Privacy in Social Vault Recovery
Shailesh Mishra, Simone Colombo, Pasindu Tennage, Martin Burkhart, Bryan Ford
https://arxiv.org/abs/2507.19484

Towards the ideals of Self-Recovery and Metadata Privacy in Social Vault Recovery
Social key recovery mechanisms enable users to recover their vaults with the help of trusted contacts, or trustees, avoiding the need for a single point of trust or memorizing complex strings. However, existing mechanisms overlook the memorability demands on users for recovery, such as the need to recall a threshold number of trustees. Therefore, we first formalize the notion of recovery metadata in the context of social key recovery, illustrating the tradeoff between easing the burden of memor…

No Prior, No Leakage: Revisiting Reconstruction Attacks in Trained Neural Networks
Yehonatan Refael, Guy Smorodinsky, Ofir Lindenbaum, Itay Safran
https://arxiv.org/abs/2509.21296

No Prior, No Leakage: Revisiting Reconstruction Attacks in Trained Neural Networks
The memorization of training data by neural networks raises pressing concerns for privacy and security. Recent work has shown that, under certain conditions, portions of the training set can be reconstructed directly from model parameters. Some of these methods exploit implicit bias toward margin maximization, suggesting that properties often regarded as beneficial for generalization may actually compromise privacy. Yet despite striking empirical demonstrations, the reliability of these attacks…

Google is phasing out its Privacy Sandbox technologies; the initiative was launched in 2019 to develop privacy-protecting tech to replace third-party cookies (Kendra Barnett/Adweek)
https://www.adweek.com/media/googles-privacy-sandbox-is-officially-dead/

Google’s Privacy Sandbox Is Officially Dead
The elimination of many remaining Privacy Sandbox APIs come six months after third-party cookies got a reprieve in Chrome.

State attorneys general stepping up privacy enforcement, watchdog finds https://therecord.media/state-ags-enforcement-privacy-law

ZAPS: A Zero-Knowledge Proof Protocol for Secure UAV Authentication with Flight Path Privacy
Shayesta Naziri, Xu Wang, Guangsheng Yu, Christy Jie Liang, Wei Ni
https://arxiv.org/abs/2508.17043

ZAPS: A Zero-Knowledge Proof Protocol for Secure UAV Authentication with Flight Path Privacy
The increasing deployment of Unmanned Aerial Vehicles (UAVs) for military, commercial, and logistics applications has raised significant concerns regarding flight path privacy. Conventional UAV communication systems often expose flight path data to third parties, making them vulnerable to tracking, surveillance, and location inference attacks. Existing encryption techniques provide security but fail to ensure complete privacy, as adversaries can still infer movement patterns through metadata an…

FEST: A Unified Framework for Evaluating Synthetic Tabular Data
Weijie Niu, Alberto Huertas Celdran, Karoline Siarsky, Burkhard Stiller
https://arxiv.org/abs/2508.16254 https://…

FEST: A Unified Framework for Evaluating Synthetic Tabular Data
Synthetic data generation, leveraging generative machine learning techniques, offers a promising approach to mitigating privacy concerns associated with real-world data usage. Synthetic data closely resembles real-world data while maintaining strong privacy guarantees. However, a comprehensive assessment framework is still missing in the evaluation of synthetic data generation, especially when considering the balance between privacy preservation and data utility in synthetic data. This research…

FedProtoKD: Dual Knowledge Distillation with Adaptive Class-wise Prototype Margin for Heterogeneous Federated Learning
Md Anwar Hossen, Fatema Siddika, Wensheng Zhang, Anuj Sharma, Ali Jannesari
https://arxiv.org/abs/2508.19009

FedProtoKD: Dual Knowledge Distillation with Adaptive Class-wise Prototype Margin for Heterogeneous Federated Learning
Heterogeneous Federated Learning (HFL) has gained attention for its ability to accommodate diverse models and heterogeneous data across clients. Prototype-based HFL methods emerge as a promising solution to address statistical heterogeneity and privacy challenges, paving the way for new advancements in HFL research. This method focuses on sharing only class-representative prototypes among heterogeneous clients. However, these prototypes are often aggregated on the server using weighted averagin…

Privacy-Preserving Federated Learning Framework for Risk-Based Adaptive Authentication
Yaser Baseri, Abdelhakim Senhaji Hafid, Dimitrios Makrakis, Hamidreza Fereidouni
https://arxiv.org/abs/2508.18453 …

Privacy-Preserving Federated Learning Framework for Risk-Based Adaptive Authentication
Balancing robust security with strong privacy guarantees is critical for Risk-Based Adaptive Authentication (RBA), particularly in decentralized settings. Federated Learning (FL) offers a promising solution by enabling collaborative risk assessment without centralizing user data. However, existing FL approaches struggle with Non-Independent and Identically Distributed (Non-IID) user features, resulting in biased, unstable, and poorly generalized global models. This paper introduces FL-RBA2, a n…

Switzerland proposes regulations forcing service providers to collect user IDs and disable encryption, threatening its status as a haven for privacy tech firms (Suzanne Smalley/The Record)
https://therecord.media/switzerland-digital-privacy-law-proton-priv…

Swiss government looks to undercut privacy tech, stoking fears of mass surveillance
Switzerland-based providers of secure email, VPNs and other digital services say a pending government proposal would be catastrophic to their ability to protect the privacy of users.

Exposing Privacy Risks in Graph Retrieval-Augmented Generation
Jiale Liu, Jiahao Zhang, Suhang Wang
https://arxiv.org/abs/2508.17222 https://arxiv.org/pdf/…

Exposing Privacy Risks in Graph Retrieval-Augmented Generation
Retrieval-Augmented Generation (RAG) is a powerful technique for enhancing Large Language Models (LLMs) with external, up-to-date knowledge. Graph RAG has emerged as an advanced paradigm that leverages graph-based knowledge structures to provide more coherent and contextually rich answers. However, the move from plain document retrieval to structured graph traversal introduces new, under-explored privacy risks. This paper investigates the data extraction vulnerabilities of the Graph RAG systems…

Privacy startup Duality says it has developed a private LLM inference framework that uses fully homomorphic encryption to let LLMs answer encrypted prompts (Rina Diane Caballar/IEEE Spectrum)
https://spectrum.ieee.org/homomorphic-encryption-llm

Homomorphic Encryption LLM Secures AI Chats
Can your chatbot keep secrets? Discover how Duality's tech is changing the privacy game for AI conversations.

Privacy in Action: Towards Realistic Privacy Mitigation and Evaluation for LLM-Powered Agents
Shouju Wang, Fenglin Yu, Xirui Liu, Xiaoting Qin, Jue Zhang, Qingwei Lin, Dongmei Zhang, Saravan Rajmohan
https://arxiv.org/abs/2509.17488

Privacy in Action: Towards Realistic Privacy Mitigation and Evaluation for LLM-Powered Agents
The increasing autonomy of LLM agents in handling sensitive communications, accelerated by Model Context Protocol (MCP) and Agent-to-Agent (A2A) frameworks, creates urgent privacy challenges. While recent work reveals significant gaps between LLMs' privacy Q&A performance and their agent behavior, existing benchmarks remain limited to static, simplified scenarios. We present PrivacyChecker, a model-agnostic, contextual integrity based mitigation approach that effectively reduces privacy leakage…

Emerging Paradigms for Securing Federated Learning Systems
Amr Akmal Abouelmagd, Amr Hilal
https://arxiv.org/abs/2509.21147 https://arxiv.org/pdf/2509.2114…

Emerging Paradigms for Securing Federated Learning Systems
Federated Learning (FL) facilitates collaborative model training while keeping raw data decentralized, making it a conduit for leveraging the power of IoT devices while maintaining privacy of the locally collected data. However, existing privacy- preserving techniques present notable hurdles. Methods such as Multi-Party Computation (MPC), Homomorphic Encryption (HE), and Differential Privacy (DP) often incur high compu- tational costs and suffer from limited scalability. This survey examines em…

Can You Trust Your Copilot? A Privacy Scorecard for AI Coding Assistants
Amir AL-Maamari
https://arxiv.org/abs/2509.20388 https://arxiv.org/pdf/2509.20388

Can You Trust Your Copilot? A Privacy Scorecard for AI Coding Assistants
The rapid integration of AI-powered coding assistants into developer workflows has raised significant privacy and trust concerns. As developers entrust proprietary code to services like OpenAI's GPT, Google's Gemini, and GitHub Copilot, the unclear data handling practices of these tools create security and compliance risks. This paper addresses this challenge by introducing and applying a novel, expert-validated privacy scorecard. The methodology involves a detailed analysis of four document ty…

Guarding Your Conversations: Privacy Gatekeepers for Secure Interactions with Cloud-Based AI Models
GodsGift Uzor, Hasan Al-Qudah, Ynes Ineza, Abdul Serwadda
https://arxiv.org/abs/2508.16765

Guarding Your Conversations: Privacy Gatekeepers for Secure Interactions with Cloud-Based AI Models
The interactive nature of Large Language Models (LLMs), which closely track user data and context, has prompted users to share personal and private information in unprecedented ways. Even when users opt out of allowing their data to be used for training, these privacy settings offer limited protection when LLM providers operate in jurisdictions with weak privacy laws, invasive government surveillance, or poor data security practices. In such cases, the risk of sensitive information, including P…

B-Privacy: Defining and Enforcing Privacy in Weighted Voting
Samuel Breckenridge, Dani Vilardell, Andr\'es F\'abrega, Amy Zhao, Patrick McCorry, Rafael Solari, Ari Juels
https://arxiv.org/abs/2509.17871

B-Privacy: Defining and Enforcing Privacy in Weighted Voting
In traditional, one-vote-per-person voting systems, privacy equates with ballot secrecy: voting tallies are published, but individual voters' choices are concealed. Voting systems that weight votes in proportion to token holdings, though, are now prevalent in cryptocurrency and web3 systems. We show that these weighted-voting systems overturn existing notions of voter privacy. Our experiments demonstrate that even with secret ballots, publishing raw tallies often reveals voters' choices. We…

Synth-MIA: A Testbed for Auditing Privacy Leakage in Tabular Data Synthesis
Joshua Ward, Xiaofeng Lin, Chi-Hua Wang, Guang Cheng
https://arxiv.org/abs/2509.18014 https://…

Synth-MIA: A Testbed for Auditing Privacy Leakage in Tabular Data Synthesis
Tabular Generative Models are often argued to preserve privacy by creating synthetic datasets that resemble training data. However, auditing their empirical privacy remains challenging, as commonly used similarity metrics fail to effectively characterize privacy risk. Membership Inference Attacks (MIAs) have recently emerged as a method for evaluating privacy leakage in synthetic data, but their practical effectiveness is limited. Numerous attacks exist across different threat models, each with…

Differential Privacy of Network Parameters from a System Identification Perspective
Andrew Campbell, Anna Scaglione, Hang Liu, Victor Elvira, Sean Peisert, Daniel Arnold
https://arxiv.org/abs/2509.20460

Differential Privacy of Network Parameters from a System Identification Perspective
This paper addresses the problem of protecting network information from privacy system identification (SI) attacks when sharing cyber-physical system simulations. We model analyst observations of networked states as time-series outputs of a graph filter driven by differentially private (DP) nodal excitations, with the analyst aiming to infer the underlying graph shift operator (GSO). Unlike traditional SI, which estimates system parameters, we study the inverse problem: what assumptions prevent…

RAG Security and Privacy: Formalizing the Threat Model and Attack Surface
Atousa Arzanipour, Rouzbeh Behnia, Reza Ebrahimi, Kaushik Dutta
https://arxiv.org/abs/2509.20324 https:…

RAG Security and Privacy: Formalizing the Threat Model and Attack Surface
Retrieval-Augmented Generation (RAG) is an emerging approach in natural language processing that combines large language models (LLMs) with external document retrieval to produce more accurate and grounded responses. While RAG has shown strong potential in reducing hallucinations and improving factual consistency, it also introduces new privacy and security challenges that differ from those faced by traditional LLMs. Existing research has demonstrated that LLMs can leak sensitive information th…

From Research to Reality: Feasibility of Gradient Inversion Attacks in Federated Learning
Viktor Valadi, Mattias {\AA}kesson, Johan \"Ostman, Salman Toor, Andreas Hellander
https://arxiv.org/abs/2508.19819

From Research to Reality: Feasibility of Gradient Inversion Attacks in Federated Learning
Gradient inversion attacks have garnered attention for their ability to compromise privacy in federated learning. However, many studies consider attacks with the model in inference mode, where training-time behaviors like dropout are disabled and batch normalization relies on fixed statistics. In this work, we systematically analyze how architecture and training behavior affect vulnerability, including the first in-depth study of inference-mode clients, which we show dramatically simplifies inv…

Breaking the Layer Barrier: Remodeling Private Transformer Inference with Hybrid CKKS and MPC
Tianshi Xu, Wen-jie Lu, Jiangrui Yu, Chen Yi, Chenqi Lin, Runsheng Wang, Meng Li
https://arxiv.org/abs/2508.19525

Breaking the Layer Barrier: Remodeling Private Transformer Inference with Hybrid CKKS and MPC
This paper presents an efficient framework for private Transformer inference that combines Homomorphic Encryption (HE) and Secure Multi-party Computation (MPC) to protect data privacy. Existing methods often leverage HE for linear layers (e.g., matrix multiplications) and MPC for non-linear layers (e.g., Softmax activation functions), but the conversion between HE and MPC introduces significant communication costs. The proposed framework, dubbed BLB, overcomes this by breaking down layers into …

Crosslisted article(s) found for cs.CR. https://arxiv.org/list/cs.CR/new
[1/1]:
- ZTFed-MAS2S: A Zero-Trust Federated Learning Framework with Verifiable Privacy and Trust-Aware Ag...
Yang Li, Hanjie Wang, Yuanzheng Li, Jiazheng Li, Zhaoyang Dong

Towards Adapting Federated & Quantum Machine Learning for Network Intrusion Detection: A Survey
Devashish Chaudhary, Sutharshan Rajasegarar, Shiva Raj Pokhrel
https://arxiv.org/abs/2509.21389

Towards Adapting Federated & Quantum Machine Learning for Network Intrusion Detection: A Survey
This survey explores the integration of Federated Learning (FL) with Network Intrusion Detection Systems (NIDS), with particular emphasis on deep learning and quantum machine learning approaches. FL enables collaborative model training across distributed devices while preserving data privacy-a critical requirement in network security contexts where sensitive traffic data cannot be centralized. Our comprehensive analysis systematically examines the full spectrum of FL architectures, deployment s…

Network-Level Prompt and Trait Leakage in Local Research Agents
Hyejun Jeong, Mohammadreze Teymoorianfard, Abhinav Kumar, Amir Houmansadr, Eugene Badasarian
https://arxiv.org/abs/2508.20282

Network-Level Prompt and Trait Leakage in Local Research Agents
We show that Web and Research Agents (WRAs) -- language model-based systems that investigate complex topics on the Internet -- are vulnerable to inference attacks by passive network adversaries such as ISPs. These agents could be deployed \emph{locally} by organizations and individuals for privacy, legal, or financial purposes. Unlike sporadic web browsing by humans, WRAs visit $70{-}140$ domains with distinguishable timing correlations, enabling unique fingerprinting attacks. Specifically, w…

Federated Learning for Large Models in Medical Imaging: A Comprehensive Review
Mengyu Sun, Ziyuan Yang, Yongqiang Huang, Hui Yu, Yingyu Chen, Shuren Qi, Andrew Beng Jin Teoh, Yi Zhang
https://arxiv.org/abs/2508.20414

Federated Learning for Large Models in Medical Imaging: A Comprehensive Review
Artificial intelligence (AI) has demonstrated considerable potential in the realm of medical imaging. However, the development of high-performance AI models typically necessitates training on large-scale, centralized datasets. This approach is confronted with significant challenges due to strict patient privacy regulations and legal restrictions on data sharing and utilization. These limitations hinder the development of large-scale models in medical domains and impede continuous updates and tr…

The Hidden Cost of Correlation: Rethinking Privacy Leakage in Local Differential Privacy
Sandaru Jayawardana, Sennur Ulukus, Ming Ding, Kanchana Thilakarathna
https://arxiv.org/abs/2508.12539

The Hidden Cost of Correlation: Rethinking Privacy Leakage in Local Differential Privacy
Local differential privacy (LDP) has emerged as a promising paradigm for privacy-preserving data collection in distributed systems, where users contribute multi-dimensional records with potentially correlated attributes. Recent work has highlighted that correlation-induced privacy leakage (CPL) plays a critical role in shaping the privacy-utility trade-off under LDP, especially when correlations exist among attributes. Nevertheless, it remains unclear to what extent the prevailing assumptions a…

Securing the Internet of Medical Things (IoMT): Real-World Attack Taxonomy and Practical Security Measures
Suman Deb, Emil Lupu, Emm Mic Drakakis, Anil Anthony Bharath, Zhen Kit Leung, Guang Rui Ma, Anupam Chattopadhyay
https://arxiv.org/abs/2507.19609

Securing the Internet of Medical Things (IoMT): Real-World Attack Taxonomy and Practical Security Measures
The Internet of Medical Things (IoMT) has the potential to radically improve healthcare by enabling real-time monitoring, remote diagnostics, and AI-driven decision making. However, the connectivity, embedded intelligence, and inclusion of a wide variety of novel sensors expose medical devices to severe cybersecurity threats, compromising patient safety and data privacy. In addition, many devices also have direct capacity - individually or in conjunction with other IoMT devices - to perform act…

R-CONV : Uncovering Privacy Vulnerabilities through Analytical Gradient Inversion Attacks
Tamer Ahmed Eltaras, Qutaibah Malluhi, Alessandro Savino, Stefano Di Carlo, Adnan Qayyum
https://arxiv.org/abs/2509.18871

Privacy-Preserving State Estimation with Crowd Sensors: An Information-Theoretic Respective
Farhad Farokhi
https://arxiv.org/abs/2509.17266 https://arxiv.o…

Privacy-Preserving State Estimation with Crowd Sensors: An Information-Theoretic Respective
Privacy-preserving state estimation for linear time-invariant dynamical systems with crowd sensors is considered. At any time step, the estimator has access to measurements from a randomly selected sensor from a pool of sensors with pre-specified models and noise profiles. A Luenberger-like observer is used to fuse the measurements with the underlying model of the system to recursively generate the state estimates. An additive privacy-preserving noise is used to constrain information leakage. I…

Private Hyperparameter Tuning with Ex-Post Guarantee
Badih Ghazi, Pritish Kamath, Alexander Knop, Ravi Kumar, Pasin Manurangsi, Chiyuan Zhang
https://arxiv.org/abs/2508.15183 ht…

Private Hyperparameter Tuning with Ex-Post Guarantee
The conventional approach in differential privacy (DP) literature formulates the privacy-utility trade-off with a "privacy-first" perspective: for a predetermined level of privacy, a certain utility is achievable. However, practitioners often operate under a "utility-first" paradigm, prioritizing a desired level of utility and then determining the corresponding privacy cost. Wu et al. [2019] initiated a formal study of this "utility-first" perspective by introducing ex-post DP. They demonstra…

FlowCrypt: Flow-Based Lightweight Encryption with Near-Lossless Recovery for Cloud Photo Privacy
Xiaohui Yang, Ping Ping, Feng Xu
https://arxiv.org/abs/2509.18696 https://

FlowCrypt: Flow-Based Lightweight Encryption with Near-Lossless Recovery for Cloud Photo Privacy
The widespread adoption of smartphone photography has led users to increasingly rely on cloud storage for personal photo archiving and sharing, raising critical privacy concerns. Existing deep learning-based image encryption schemes, typically built upon CNNs or GANs, often depend on traditional cryptographic algorithms and lack inherent architectural reversibility, resulting in limited recovery quality and poor robustness. Invertible neural networks (INNs) have emerged to address this issue by…

How to Get Actual Privacy and Utility from Privacy Models: the k-Anonymity and Differential Privacy Families
Josep Domingo-Ferrer, David S\'anchez
https://arxiv.org/abs/2510.11299

How to Get Actual Privacy and Utility from Privacy Models: the k-Anonymity and Differential Privacy Families
Privacy models were introduced in privacy-preserving data publishing and statistical disclosure control with the promise to end the need for costly empirical assessment of disclosure risk. We examine how well this promise is kept by the main privacy models. We find they may fail to provide adequate protection guarantees because of problems in their definition or incur unacceptable trade-offs between privacy protection and utility preservation. Specifically, k-anonymity may not entirely exclude …