Founding offer · lifetime membership for a single £24, exclusive to our first members · closes 20 June Claim your place →
Global Research Partnerships £24 Lifetime Log inCreate free account

Funded Projects › HORIZON

Privacy4FMs · Privacy Protection and Auditing for Foundation Models

HORIZONStatus: SIGNED1 January 202631 December 2030EU funding €1,499,973Call ERC-2025-STG

Novel foundation models (FMs) like GPT, LLaMA, and Stable Diffusion are achieving exceptional performance across diverse tasks, generating high-quality text, images, and audio, and driving industry innovations. This progress stems from a shift in machine learning paradigm: instead of training task-specific models on curated datasets, FMs are first pretrained on vast, uncurated data to become strong general-purpose models, then adapted on smaller, domain-specific datasets for specific tasks.However, FMs leak information from their training data. For example, recent studies reveal that they can re-create individual data points from their pretraining and adaptation datasets. This poses serious privacy risks when private data is involved. Preventing exposure requires developing methods to ensure privacy-preservation throughout FMs' lifecycle, from pretraining to deployment. To achieve this, our project will identify sources of privacy leakage, provide privacy guarantees over both pretraining and adaptation, and audit FMs to detect privacy violations. Therefore, we must overcome three major challenges: the limited understanding of privacy risks in FM pretraining, the lack of formal joint privacy guarantees for pretraining and adaptation, and the ineffectiveness of current privacy auditing methods.The solution that we propose will establish a novel theoretical framework for privacy guarantees in FMs under the pretrain-adapt paradigm. Our fundamental innovations rely on the insight that, due to complex interdependencies between pretraining and adaptation data, different data points require individual levels of protection to prevent leakage. Advancing methods for identifying, achieving, and accounting for such individual guarantees will enable us to formally bound privacy leakage over both training stages and to detect violations. These innovations will allow society to benefit from technological advancements through FMs without compromising individuals' privacy.

Consortium · 1 organisation

coordinator

CISPA - HELMHOLTZ-ZENTRUM FUR INFORMATIONSSICHERHEIT GGMBH

DE · €1,499,973

Research fields

natural sciencesdata protectionmachine learning
View the official record on CORDIS →

← Find collaborators and more funded projects

Source: CORDIS, Publications Office of the European Union. Global Research Partnerships surfaces open EU research data to help you find collaborators; we are not affiliated with the European Union.