AnonFACES: Anonymizing Faces Adjusted to Constraints on Efficacy and Security
Paper in proceedings, 2020

Image data analysis techniques such as facial recognition can threaten individuals’ privacy. Whereas privacy risks often can be reduced by adding noise to the data, this approach reduces the utility of the images. For this reason, image de-identification techniques typically replace directly identifying features (e.g., faces, car number plates) present in the data with synthesized features, while still preserving other non-identifying features. As of today, existing techniques mostly focus on improving the naturalness of the generated synthesized images, without quantifying their impact on privacy. In this paper, we propose the first methodology and system design to quantify, improve, and tune the privacy-utility trade-off, while simultaneously also improving the naturalness of the generated images. The system design is broken down into three components that address separate but complementing challenges. This includes a two-step cluster analysis component to extract low-dimensional feature vectors representing the images (embedding) and to cluster the images into fixed-sized clusters. While the importance of good clustering mostly has been neglected in previous work, we find that our novel approach of using low-dimensional feature vectors can improve the privacy-utility trade-off by better clustering similar images. The use of these embeddings has been found particularly useful when wanting to ensure high naturalness and utility of the synthetically generated images. By combining improved clustering and incorporating StyleGAN, a state-of-the-art Generative Neural Network, into our solution, we produce more realistic synthesized faces than prior works, while also better preserving properties such as age, gender, skin tone, or even emotional expressions. Finally, our iterative tuning method exploits non-linear relations between privacy and utility to identify good privacy-utility trade-offs. We note that an example benefit of these improvements is that our solution allows car manufacturers to train their autonomous vehicles while complying with privacy laws.

privacy

image de-identification

k-anonymity

Author

Minh-Ha Le

Linköping University

Md Sakib Nizam Khan

Royal Institute of Technology (KTH)

Georgia Tsaloli

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Niklas Carlsson

Linköping University

Sonja Buchegger

Royal Institute of Technology (KTH)

WPES 2020, Proceedings of the 19th Workshop on Privacy in the Electronic Society

87-100

CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security
New York, USA,

Subject Categories

Other Computer and Information Science

Computer Vision and Robotics (Autonomous Systems)

Medical Image Processing

DOI

10.1145/3411497.3420220

More information

Latest update

1/7/2021 1