人工智能時代聯邦學習隱私保護的局限及克服

人工智能立法通常會對特定技術有所偏重。聯邦學習屬於主流的機器學習技術，最大的優勢就在於其架構設計充分考慮了隱私需求。聯邦學習在金融、數據公開等領域的應用已經比較廣泛，並對自然人權益產生了重大影響。目前以隱私保護為目標的聯邦學習不斷暴露各種隱私揭示了個人數據隱私保護路徑的法律缺陷:規範稀疏導致聯邦學習缺乏明確隱私需求，“隱私設計”優勢很難得到發揮;分布式架構導致聯邦學習隱私保護責任難以落實;過度強調保密性和安全性，導致隱私保護的人格性被弱化和轉化;技術權衡缺乏規範導致隱私保護缺乏透明性和確定性。這些問題揭示了人工智能隱私保護與個人數據保護在保護對象、保護流程、保護責任、保護框架等方面存在的巨大鴻溝。為了適應人工智能隱私保護的特殊要求，未來可在整合規範依據、調整規範重點、探索歸責機制、構建溝通機制等方面對人工智能隱私保護規範進行升級和完善。

Artificial intelligence legislation often tends to focus on specific technologies. Federated learning, a mainstream machine learning technique, is distinguished by its architecture, which is designed with privacy needs in mind. Federated learning has been widely applied in fields such as finance and data sharing, significantly impacting individual rights. However, its privacy-centric design has also exposed various privacy risks, highlighting deficiencies in the legal framework for personal data protection: sparse regulations leave federated learning without clear privacy requirements, limiting the effectiveness of its“privacy by design”advantage; its distributed architecture makes assigning privacy protection responsibilities difficult; an excessive emphasis on confidentiality and security weakens and transforms the concept of privacy as a personal right; and a lack of regulatory guidance for technical trade-offs undermines transparency and certainty in privacy protection. These issues reveal significant gaps between artificial intelligence privacy protection and personal data protection in terms of their objects, processes, responsibilities, and frameworks. To meet the unique demands of privacy protection in artificial intelligence, future efforts could focus on integrating regulatory foundations, adjusting regulatory priorities, exploring liability mechanisms, and establishing communication frameworks to enhance and refine privacy protection standards.