secure multi-party computation


Privacy-Preserving Classification of Personal Text Messages with Secure Multi-Party Computation

Reich, Devin, Todoki, Ariel, Dowsley, Rafael, De Cock, Martine, Nascimento, Anderson

Neural Information Processing Systems

Classification of personal text messages has many useful applications in surveillance, e-commerce, and mental health care, to name a few. Giving applications access to personal texts can easily lead to (un)intentional privacy violations. We propose the first privacy-preserving solution for text classification that is provably secure. Our method, which is based on Secure Multiparty Computation (SMC), encompasses both feature extraction from texts, and subsequent classification with logistic regression and tree ensembles. We prove that when using our secure text classification method, the application does not learn anything about the text, and the author of the text does not learn anything about the text classification model used by the application beyond what is given by the classification result itself. We perform end-to-end experiments with an application for detecting hate speech against women and immigrants, demonstrating excellent runtime results without loss of accuracy.
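The kind of two-party computation the abstract refers to, as an added Python example that is not code from the paper: the text author holds a 0/1 bag-of-words feature vector, the application holds the logistic-regression weights and bias, both inputs are additively secret-shared modulo a prime, and the dot product is computed with Beaver multiplication triples. The prime modulus, the fixed-point scale, the trusted dealer that hands out triples, and the sample feature vector and model are all assumptions of this example; feature extraction is assumed to have already happened, and both parties run in one process.

```python
"""Two-party secure logistic-regression inference over additive secret shares.

Added example, not code from the paper. The text author holds a 0/1
bag-of-words feature vector, the application holds the weights and bias;
both are secret-shared modulo a prime, and the dot product is computed
with Beaver multiplication triples. The triples are assumed to come from a
trusted dealer (an assumption of this example), and feature extraction is
assumed to have already happened. Both parties are simulated in one
process; all inputs below are constructed.
"""
import secrets

P = (1 << 61) - 1      # prime modulus: shares and arithmetic live in Z_P
SCALE = 1 << 16        # fixed-point scale for the real-valued weights and bias


def share(v):
    """Additively share v: one uniformly random share and its complement."""
    a = secrets.randbelow(P)
    return a, (v - a) % P


def reconstruct(s0, s1):
    return (s0 + s1) % P


def to_fixed(x):
    return round(x * SCALE) % P


def from_fixed(v):
    v = v - P if v > P // 2 else v     # map back to a signed integer
    return v / SCALE


def dealer_triple():
    """Trusted dealer (assumed) hands out shares of random a, b and c = a*b."""
    a, b = secrets.randbelow(P), secrets.randbelow(P)
    return share(a), share(b), share(a * b % P)


def beaver_mul(x_sh, y_sh, triple):
    """Shares of x*y from shares of x and y. The parties open only d = x - a and
    e = y - b, which are uniformly random because a and b are."""
    (a0, a1), (b0, b1), (c0, c1) = triple
    d = reconstruct((x_sh[0] - a0) % P, (x_sh[1] - a1) % P)
    e = reconstruct((y_sh[0] - b0) % P, (y_sh[1] - b1) % P)
    z0 = (c0 + d * b0 + e * a0 + d * e) % P   # party 0 adds the public term d*e
    z1 = (c1 + d * b1 + e * a1) % P
    return z0, z1


def secure_logit_shares(features, weights, bias):
    """Return shares of w.x + b. Features are 0/1 integers, so each product
    carries a single SCALE factor and no fixed-point truncation is needed."""
    if len(features) != len(weights):
        raise ValueError("feature vector and weight vector differ in length")
    x_sh = [share(f) for f in features]              # author's input, shared
    w_sh = [share(to_fixed(w)) for w in weights]     # application's model, shared
    acc0, acc1 = share(to_fixed(bias))
    for xs, ws in zip(x_sh, w_sh):
        z0, z1 = beaver_mul(xs, ws, dealer_triple())
        acc0, acc1 = (acc0 + z0) % P, (acc1 + z1) % P
    return acc0, acc1


def classify(features, weights, bias):
    """Open the logit shares and return the label (1 if logit > 0).
    Opening the logit to the author leaks more than the label; the paper's
    guarantee (the author learns only the classification result) requires the
    sign to be computed inside the protocol, which this example omits."""
    logit = from_fixed(reconstruct(*secure_logit_shares(features, weights, bias)))
    return 1 if logit > 0 else 0


def plain_logit(features, weights, bias):
    """Clear-text reference used to check the secure computation."""
    return sum(f * w for f, w in zip(features, weights)) + bias


if __name__ == "__main__":
    feats = [1, 0, 1, 1]                    # constructed bag-of-words indicator vector
    w, b = [0.5, -2.0, 0.25, -1.0], 0.5     # constructed model
    print(plain_logit(feats, w, b), classify(feats, w, b))
```

Each party's view consists of its own uniformly random shares plus the opened masked values d and e, so neither the features nor the weights appear in the clear; what the example does not provide is the paper's stronger guarantee, because `classify` opens the full logit rather than only its sign.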


Policy-Driven AI in Dataspaces: Taxonomy, Explainability, and Pathways for Compliant Innovation

Chandra, Joydeep, Navneet, Satyam Kumar

arXiv.org Artificial Intelligence

As AI-driven dataspaces become integral to data sharing and collaborative analytics, ensuring privacy, performance, and policy compliance presents significant challenges. This paper provides a comprehensive review of privacy-preserving and policy-aware AI techniques, including Federated Learning, Differential Privacy, Trusted Execution Environments, Homomorphic Encryption, and Secure Multi-Party Computation, alongside strategies for aligning AI with regulatory frameworks such as GDPR and the EU AI Act. We propose a novel taxonomy to classify these techniques based on privacy levels, performance impacts, and compliance complexity, offering a clear framework for practitioners and researchers to navigate trade-offs. Key performance metrics -- latency, throughput, cost overhead, model utility, fairness, and explainability -- are analyzed to highlight the multi-dimensional optimization required in dataspaces. The paper identifies critical research gaps, including the lack of standardized privacy-performance KPIs, challenges in explainable AI for federated ecosystems, and semantic policy enforcement amidst regulatory fragmentation. Future directions are outlined, proposing a conceptual framework for policy-driven alignment, automated compliance validation, standardized benchmarking, and integration with European initiatives like GAIA-X, IDS, and Eclipse EDC. By synthesizing technical, ethical, and regulatory perspectives, this work lays the groundwork for developing trustworthy, efficient, and compliant AI systems in dataspaces, fostering innovation in secure and responsible data-driven ecosystems.


Reviews: Privacy-Preserving Classification of Personal Text Messages with Secure Multi-Party Computation

Neural Information Processing Systems

The authors present a privacy-preserving protocol for learning text classifiers on short texts using secure multiparty communication (SMC). Unlike differential privacy under the central model, a more popular framework at the moment for making it difficult to distinguish the presence or absence of individuals in training data for a model, this protocol aims to ensure that a pretrained classifier may be used on new text data without leaking that data to the classifier's owner. Though the underlying classifier is not a SOTA solution to the text classification problem, hate speech detection, it is a nontrivial classifier of text and can classify a single example in a matter of seconds, substantially improving over the performance of approaches using homomorphic encryption. The authors test their approach on a collection of 10,000 tweets with binary labels describing whether they are hate speech, demonstrating the effectiveness of this tool in aiding automatic moderation of sensitive content. I want to be open that I am not an expert on SMC, and my primary knowledge of privacy-preserving ML is through differential privacy and natural language processing.


Secure Multi-Party Computation Use Cases

#artificialintelligence

Secure Multi-Party Computation (SMPC), as described by Wikipedia, is a subfield of cryptography concerned with methods for multiple parties to jointly compute a function over their inputs while keeping those inputs private. A significant benefit of Secure Multi-Party Computation is that it preserves data privacy while still making the data usable for analysis. I've explained how Secure Multi-Party Computation and Fair Multi-Party Computation work in earlier posts. While there are several emerging use cases of Secure Multi-Party Computation, I'm going to focus on three in this post: autonomous vehicles and swarm robotics, healthcare data and analytics, and lastly, securely training machine learning models. Each of the three would benefit from being able to jointly compute a function over their inputs while keeping those inputs private.


Cluster Based Secure Multi-Party Computation in Federated Learning for Histopathology Images

Hosseini, S. Maryam, Sikaroudi, Milad, Babaei, Morteza, Tizhoosh, H. R.

arXiv.org Artificial Intelligence

Federated learning (FL) is a decentralized method enabling hospitals to collaboratively learn a model without sharing private patient data for training. In FL, participant hospitals periodically exchange training results rather than training samples with a central server. However, having access to model parameters or gradients can expose private training data samples. To address this challenge, we adopt secure multiparty computation (SMC) to establish a privacy-preserving federated learning framework. In our proposed method, the hospitals are divided into clusters. After local training, each hospital splits its model weights among other hospitals in the same cluster such that no single hospital can retrieve other hospitals' weights on its own. Then, all hospitals sum up the received weights, sending the results to the central server. Finally, the central server aggregates the results, retrieving the average of models' weights and updating the model without having access to individual hospitals' weights. We conduct experiments on a publicly available repository, The Cancer Genome Atlas (TCGA). We compare the performance of the proposed framework with differential privacy and federated averaging as the baseline. The results reveal that compared to differential privacy, our framework can achieve higher accuracy with no privacy leakage risk at a cost of higher communication overhead.
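The three-step exchange the abstract describes (each hospital splits its weights among its cluster, each member sums what it receives, the server adds the sums and averages), as an added Python example that is not the authors' code. The prime modulus, the fixed-point scale, the hospital names and the weight values are assumptions of this example, and all parties run in one process.

```python
"""Cluster-based secure aggregation of model weights with additive secret sharing.

Added illustration of the aggregation step described above; not the
authors' code. Hospitals in a cluster split their fixed-point weight
vectors into one additive share per cluster member (mod a prime), each
member sums the shares it receives, and the server adds the per-member
sums and divides by the number of hospitals. Hospital names and weights
are constructed for the example, and all parties run in one process.
"""
import secrets

P = (1 << 61) - 1      # prime modulus for the shares
SCALE = 1 << 16        # fixed-point scale: weights become integers in Z_P


def encode(weights):
    return [round(w * SCALE) % P for w in weights]


def decode(values):
    out = []
    for v in values:
        v = v - P if v > P // 2 else v        # back to a signed integer
        out.append(v / SCALE)
    return out


def share(vec, n):
    """Split vec into n vectors whose element-wise sum is vec (mod P).
    Any n-1 of them are uniformly random and reveal nothing about vec."""
    shares = [[secrets.randbelow(P) for _ in vec] for _ in range(n - 1)]
    last = [(v - sum(s[i] for s in shares)) % P for i, v in enumerate(vec)]
    return shares + [last]


def add_vecs(vecs):
    return [sum(col) % P for col in zip(*vecs)]


def reconstruct(shares):
    return add_vecs(shares)


def secure_cluster_average(clusters):
    """clusters: list of dicts mapping hospital name -> local weight list.
    Returns the plain average weight vector as the server computes it."""
    server_inbox = []
    for cluster in clusters:
        names = list(cluster)
        if len(names) < 2:
            # A lone member's "sum" is just its own weights, so the server would see them.
            raise ValueError("every cluster needs at least two hospitals")
        inbox = {name: [] for name in names}
        # Step 1: each hospital shares its weights among the cluster (itself included)
        for name in names:
            for recipient, s in zip(names, share(encode(cluster[name]), len(names))):
                inbox[recipient].append(s)
        # Step 2: each hospital sums what it received and sends that sum to the server
        for name in names:
            server_inbox.append(add_vecs(inbox[name]))
    # Step 3: the server adds the sums and averages; it never saw an individual vector
    total = decode(add_vecs(server_inbox))
    count = sum(len(c) for c in clusters)
    return [t / count for t in total]


if __name__ == "__main__":
    constructed = [{"A": [1.0, -2.0], "B": [3.0, 0.0]},
                   {"C": [2.0, 0.5], "D": [0.0, 1.5]}]
    print(secure_cluster_average(constructed))   # [1.5, 0.0]
```

What the server learns is each cluster's aggregate, not any hospital's vector, and what a cluster member learns is one random-looking share per peer. The scheme has no tolerance for dropouts (a missing member's sum breaks the total), and if all other members of a cluster collude, or the server colludes with all but one member, the remaining hospital's weights are recovered, which is why the cluster-size check above refuses clusters of one.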


Cape Privacy applies ML to encrypted data to address security concerns

#artificialintelligence

Look back to the days when HTTPS (HTTP over SSL) was a newly introduced protocol. Initially, it was applied by entities shuttling the most sensitive data back and forth -- typically credit card or other financial info. But today, it's in universal use, applied almost everywhere. In fact, if you don't see that tiny lock icon at the far left of your address bar, it's a red flag to get out. Cape Privacy sees secure multi-party computation following the same adoption curve so that it becomes "absolutely ubiquitous."


Knowledge Federation: Hierarchy and Unification

Li, Hongyu, Meng, Dan, Li, Xiaolin

arXiv.org Artificial Intelligence

With the strengthening of data privacy and security, traditional data centralization for AI faces huge challenges. Moreover, isolated data existing in various industries and institutions is grossly underused and thus retards the advance of AI applications. We propose a possible solution to these problems: knowledge federation. Beyond the concepts of federated learning and secure multi-party computation, we introduce a comprehensive knowledge federation framework, which is a hierarchy with four-level federation. In terms of the occurrence time of federation, knowledge federation can be categorized into information level, model level, cognition level, and knowledge level. To facilitate widespread academic and commercial adoption of this concept, we provide definitions free from ambiguity for the knowledge federation framework. In addition, we clarify the relationship and differentiation between knowledge federation and other related research fields and conclude that knowledge federation is a unified framework for secure multi-party computation and learning.