Models such as Stable Diffusion are trained on copyrighted, trademarked, private, and sensitive images. Yet, our new paper shows that diffusion models memorize images from their training data and emit them at generation time. Paper: arxiv.org/abs/2301.13188 👇[1/9]

As differential privacy is used in industry and the public sector we are learning what it can and cannot do. In Jul 2022, we organized a workshop to discuss topics pertaining to privacy and its implications in the design of industry-grade systems. (1/4) arxiv.org/abs/2304.06929

Today, we discuss the current state of differentially private ML (DP-ML) research with an overview of common techniques for obtaining DP-ML models, engineering challenges, mitigation techniques and current open questions. Learn more ↓ goo.gle/3Iril5k

I've spent several years studying machine learning security with the goal of making ML reliable before it is used in more and more important contexts. Unfortunately, ML capabilities and adoption are growing much faster than ML robustness. safe.ai/statement-on-a…

New Article: "How to DP-fy ML: A Practical Guide to Machine Learning with Differential Privacy" by Ponomareva, Hazimeh, Kurakin, Xu, Denison, McMahan, Vassilvitskii, Chien, and Thakurta jair.org/index.php/jair…

Nature Comms paper: Subtle adversarial image manipulations influence both human and machine perception! We show that adversarial attacks against computer vision models also transfer (weakly) to humans, even when the attack magnitude is small. nature.com/articles/s4146…

Today we describe a method for generating differentially private synthetic training data, which reflects the overall characteristics of the original data and enables the training of robust models while maintaining strong privacy protections. Learn more at goo.gle/3QMoJrT

We have an open position for a Research Scientist/Research Engineer to join our team! If interested: boards.greenhouse.io/deepmind/jobs/…

1/3 🚨 AGI agents are venturing into untrusted territories, but current LLMs face vulnerabilities like prompt injections. How do we ensure their safety? 🤔