Privacy in Machine Learning

NeurIPS 2021 Workshop


This one-day workshop focuses on privacy-preserving machine learning techniques for large-scale data analysis, both in the distributed and centralized settings, and on scenarios that highlight the importance and need for these techniques (e.g., via privacy attacks). There is growing interest from the Machine Learning (ML) community in leveraging cryptographic techniques such as Multi-Party Computation (MPC) and Homomorphic Encryption (HE) for secure computation during training and inference, as well as Differential Privacy (DP) for limiting the privacy risks from the trained model itself. We encourage both theory and application-oriented submissions exploring a range of approaches listed below.

  • Privacy-preserving machine learning
  • Differential privacy: theory, applications, and implementations
  • Statistical and information-theoretic notions of privacy, including DP relaxations
  • Empirical and theoretical comparisons between different notions of privacy
  • Privacy-preserving data sharing, anonymization, and privacy of synthetic data
  • Privacy attacks
  • Federated and decentralized privacy-preserving algorithms
  • Policy-making aspects of data privacy
  • Secure multi-party computation techniques for machine learning
  • Learning on encrypted data, homomorphic encryption
  • Privacy in autonomous systems
  • Online social networks privacy
  • Privacy and private learning in computer vision and natural language processing tasks
  • Programming languages for privacy-preserving data analysis
  • Relations of privacy with fairness, transparency and adversarial robustness
  • Machine unlearning and data-deletion

Call For Papers & Important Dates

Submission deadline: September 16 17, 2021 (UTC)
Notification of acceptance: October 15, 2021
Video and slides submission deadline (for accepted papers): November 1, 2021
Event date: December 14, 2021

Submission Instructions

Submissions in the form of extended abstracts must be at most 4 pages long (not including references; additional supplementary material may be submitted but may be ignored by reviewers), non-anonymized, and adhere to the NeurIPS format. We encourage the submission of work that is new to the privacy-preserving machine learning community. Submissions solely based on work that has been previously published in conferences on machine learning and related fields are not suitable for the workshop. On the other hand, we allow submission of works currently under submission and of relevant works recently published in privacy and security venues. Submission of work under review at NeurIPS 2021 is allowed, but this must be disclosed at submission time. Submissions accepted to the NeurIPS main conference may be deprioritized in selecting oral presentations. The workshop will not have formal proceedings, but authors of accepted abstracts can choose to have a link to arXiv or a PDF added on the workshop webpage.

Invited Speakers

  • Helen Nissenbaum (Cornell Tech)
  • Emiliano de Cristofaro (University College London)
  • Kristin Lauter (Facebook AI Research)
  • Aaron Roth (UPenn / Amazon)


8:10 Opening

Accepted Papers


Workshop organizers

  • Borja Balle (DeepMind)
  • Giovanni Cherubin (Alan Turing Institute)
  • Kamalika Chaudhuri (UC San Diego and Facebook AI Research)
  • Antti Honkela (University of Helsinki)
  • Jonathan Lebensold (Mila and McGill University)
  • Casey Meehan (UC San Diego)
  • Mijung Park (University of British Columbia)
  • Yu-Xiang Wang (UC Santa Barbara)
  • Adrian Weller (Alan Turing Institute & Cambridge University)
  • Yuqing Zhu (UC Santa Barbara)

Program Committee