Data Protection in Personalized AI Services: A Decentralized Approach

Abstract

Advances in Artificial Intelligence (AI) have shaped today’s user services, enabling enhanced personalization and new kinds of support. As such AI-based services -- referred to as AI services in this thesis -- necessarily involve (potentially sensitive) user data, the resulting privacy implications are de facto the unacceptable face of this technology: data once provided, e.g., to AI services typically running in the provider's cloud or on (third-party) edge devices, may be used for other (often commercial) purposes than originally intended, even without the user's consent or awareness. While approaches to data protection are manifold, each of them makes a certain tradeoff between personalization, privacy, and applicability -- there is no practical one-size-fits-all solution. This thesis explores a data decentralization approach in the context of personalized (single-user) AI services to achieve a more favorable tradeoff for users while considering the providers' interests. As a result, this work comprises seven (7) major contributions, two for the systematic understanding of data protection and privacy requirements in AI services, and five technical contributions -- of the latter, three contribute protection mechanisms based on data decentralization and two pave the way for a decentralized (urban) operation. Specifically, the first contribution presents a user study that explores user expectations of such data-demanding AI services and the extent to which privacy concerns arise. Based on these findings, the second contribution classifies the related work of data protection in AI services in a novel way, highlighting the identified research gaps -- some of which are addressed in this thesis, as outlined below. While data decentralization promises users more control over their own data, it entails issues related to both efficiency and the protection of the provider's intellectual property due to the need for locally running AI services; this part of the thesis contributes three building blocks to address these issues: the third contribution of this thesis comprises a privacy-by-design platform, which relies on an open architecture and decentralized data-confining personal data stores with design and runtime support for AI services running locally to access user data; it forms the basis for the following building blocks. The fourth contribution adds a building block to ensure confidential processing of user data locally by AI services while protecting providers' intellectual property, even when both are offloaded to untrusted (third-party) edge devices. The fifth contribution adds a building block to address the cold-start problem and efficiency issues (e.g., caused by labeling effort for users, local resource use) specifically of AI services relying on supervised learning algorithms in local personalization. To support mobile users in coping with resource-intensive, latency-demanding AI services and provide ambient support to them not only at home, the last part of this thesis enables a city-wide, decentralized operation of this platform. The sixth contribution presents two economic (edge computing) infrastructure concepts, which propose to exploit existing (but originally for other purposes used) infrastructures that are predestined for this: one is based on publicly-owned augmented street lamps; the other relies on a sharing concept of privately-owned wireless home routers and their LAN-connected home resources. The seventh and last contribution adds a proactive deployment mechanism to efficiently conceal the inherent initialization overhead of (personalized, data-protected) AI services on nearby edge devices for mobile users. A series of evaluations on sample AI services provides the proof of the proposed concepts---confirming the achieved unique tradeoff between personalization, privacy, and applicability.