scope:

This document provides recommended practices related to privacy and security for Federated Machine Learning, including security and privacy principles, defense mechanisms against non-malicious failures and examples of adversarial attacks on a Federated Machine Learning system. This document also defines an assessment framework to determine the effectiveness of a given defense mechanism under various settings. Data privacy and security are highly complex and increasingly regulated areas of law, and no recommended practice can provide unconditional consistency with all applicable laws and regulations, which may also vary at the local, state and regional level. Users of this document should evaluate any implementation for considerations of data privacy, security and data ownership in the context of federated machine learning, and are responsible for conformance with all such laws and regulations.

Purpose

The purpose of this recommended practice is to provide a resource on the topics of security and privacy for designers and users of Federated Machine Learning systems and to accelerate the deployment of Federated Machine Learning technology across industries.