Topics in Privacy-Preserving Machine Learning and Optimization

Andrew Lowy, Sebastian Stich

News

Aktuell gibt es keine Neuigkeiten

Topics in Privacy-Preserving Machine Learning and Optimization

Machine learning systems increasingly rely on sensitive personal data, raising important questions about privacy and data governance. Regulations such as the GDPR and the EU AI Act motivate both the development of learning algorithms with rigorous privacy guarantees and the ability to remove individuals' data from trained models (“machine unlearning”).

This seminar explores modern research in differentially private optimization and machine learning , focusing on both foundational results and recent advances. We will study core concepts in differential privacy and optimization, fundamental tradeoffs between privacy and accuracy, and efficient algorithms for private optimization and learning.

In addition, the seminar will cover recent research on machine unlearning , which investigates how trained models can efficiently forget individual data points, and how this problem relates to—but is distinct from—differentially private learning.

The seminar is based on a mix of foundational papers and recent research publications.

Requirements:  Students are expected to have a solid command of probability theory and multivariable calculus. Comfort with mathematical proofs and theoretical arguments is strongly recommended. Preference will be given to Master's students in Computer Science or related fields with a convincing motivation.

 

Organization

In this seminar, students will learn to read, present, discuss, and synthesize research papers in privacy-preserving machine learning, optimization, and machine unlearning. The seminar consists of three phases:

1. Introductory lectures on fundamentals (mid July)
At the beginning of the semester, several short lectures will introduce the foundations of differential privacy and optimization needed for the seminar.

2. Independent reading phase (late July – August)
Students will work independently on their assigned topics, read and review research papers, and prepare their presentations and seminar papers. A short paper review will be due during this phase.

3. Block seminar with student presentations (early September)
Student presentations will be grouped into a block seminar held over 1–3 days in person.

Each student will be assigned one topic consisting of two related papers. Topics cover both foundational results and recent advances in differentially private optimization and machine unlearning.

 

Important Dates (tentative)

  • Kick-off meeting & introductory lectures: mid July (tentatively July 13–17)
  • Independent reading phase: late July – late August
  • Short paper review due: mid August (tentatively August 14)
  • Block seminar (presentations): early September (tentatively September 2–4)
  • Submission of seminar paper: September 11, 2026

Exact dates will be announced on the course website after registration is completed.

 

Deliverables and Grading

Each student will complete the following:

1. Short Paper Review (~1 page, 15%)

Each student will write a short review of a paper from another topic (not their own topic). The reviewed paper must be selected from the list of papers assigned to seminar topics.

The review should address:

  • What is the problem addressed by the paper?
  • What was known before, and how does the paper improve on previous work?
  • What are the main strengths and limitations of the paper?
  • Which parts were difficult to understand?
  • What are possible extensions or open questions?

 

2. Seminar Paper (35%)

Each student will write a seminar paper (maximum 6 pages, excluding references and appendices) on their assigned topic.

The seminar paper should:

  • provide a coherent exposition of the topic,
  • synthesize the main ideas of the assigned papers,
  • interpret the results and explain the algorithms and proofs,
  • discuss connections to other works, 
  • provide extensions, alternative proofs, or consequences of results in the papers, and 
  • discuss limitations, open problems, or future research directions.

 

 

3. Presentation (40%)

Each student will prepare and deliver a ~20-minute presentation (plus 10 minutes for discussion) on their assigned topic (using the two assigned papers as a starting point). For selected topics, slightly longer presentations may be scheduled. The content of the presentation should be aligned with the seminar paper, but covered in less detail and using slides. 

Presentations should:

  • explain the problem setting and motivation,
  • summarize the main ideas and results,
  • provide intuition for the algorithms, techniques, and proofs,
  • discuss limitations and open research directions.

Students will have the opportunity to receive feedback on their slides before the presentation. 

 

4. Participation (10%)

Active participation in the seminar discussions is expected. Students are encouraged to ask questions, provide feedback to presenters, and engage critically with the material.

 

 

 

Datenschutz | Impressum
Bitte wenden Sie sich bei technischen Problemen an die Administratoren.