Apple machine learning privacy workshop talks help promote AI security

Jump to First Reply
AppleInsiderAppleInsider
Posted:
in Mac Software

Apple has shared recordings of talks from its workshop about privacy and machine learning, demonstrating how it is considering how to protect user data while it is processed using AI.

Man in blue shirt pointing at a slide titled 'Random data allocation' with diagrams and equations on a screen.
Apple ML researcher Vitaly Feldman presenting at the workshop - Image Credit: Apple



Apple has repeatedly insisted that it is a privacy-forward company, including in its artificial intelligence and machine learning efforts. Following a workshop on privacy preservation in machine learning, Apple has shared details and published work that was presented at the event.

The workshop on Privacy-Preserving Machine Learning (PPML) was a two-day event earlier in 2025. It played host to researchers both within and outside of Apple, to discuss PPML in general.

The presentations list participants from various universities, as well as Google Research, Google DeepMind, and Microsoft Research.

The workshop focused on four areas: Private Learning and Statistics, Attacks and Security, Differential Privacy Foundations, and Foundation Models and Privacy.

Apple explains that the presentations and discussions were to explore the intersection of privacy, security, and the AI landscape as it evolves. There were discussions about the challenges of building AI systems with privacy protections.

The privacy discussions aim to "foster innovation while safeguarding user privacy," writes Apple.

Deep Thought



Apple's published presentations and work from the event cover quite a number of areas in the field of AI and privacy.

One topic that was discussed multiple times was ways to protect users more directly, such as creating privacy-conscious conversational agents. Due to the potential threat of malicious actors taking advantage of the contextual knowledge skills of chatbots, the AirGapAgent is proposed as a way to prevent leaks via limited data access.

The paper claims that it is powerful than currently available agents. A "single-query context hijacking attack" on a Gemini Ultra agent reduced its protectiveness of user data from 94% to 45%, while AirGapAgent maintained a 97% rate.

Similar in concept, "User Inference Attacks on Large Language Models" discusses how a malicious actor can determine if the responses from an LLM are fine-tuned using a user's data. If so, the paper asks what can be discovered and how such an attack could be defended.

Another presented a scalable private search system called Wally, which supports efficient semantic and keyword queries. The paper discusses how the system can do better at scale than others, which can get bogged down due to the processing-intensive cryptographic operations used for each database entry.

Other talks include "A Generalized Binary Tree Mechanism for Differentially Private Approximation of All-Pair Distances," "Nearly Tight Black-Box Auditing of Differentially Private Machine Learning," and "Elephants Do Not Forget: Differential Privacy with State Continuity for Privacy Budget."

Privacy vs Innovation



This is not the first workshop Apple has held dedicated to machine learning subjects. In 2024, it held workshops on "Human-Centred Machine Learning," and released talks from it in July 2025.

The release of published papers from a privacy-focused workshop is also quite apt, considering the constant criticism the machine learning industry has to deal with.

In July, Apple had to insist that its AI training is ethical, in that it won't scrape data from sources if the publisher doesn't agree to the practice.

However, in August, AI startup Perplexity was revealed to be actively working around restrictions like robots.txt. A report determined that it used a second browser agent to crawl webpages, even if robots.txt said it could not.

Apple's own efforts in machine learning are seemingly faltering in public, with extended delays affecting the long-awaited upgrade of Siri under Apple Intelligence.

By continuing to push its message that privacy is paramount and demonstrating that it is walking the walk, Apple at least shows its work in the field is at least as ethical as possible compared to rivals.

Even if it's quite late in comparison.



Read on AppleInsider

Comments

  • Reply 1 of 6
    AppleZuluapplezulu Posts: 2,582member
    This right here is a big reason why “late” matters significantly less than people currently think it does. 

    When Apple arrives with something well thought out and distinctly better than what’s currently offered, consumers and critics quickly forget about the “late” part. This is because the Apple version redefines the product category. Then there is no “late,” because the thing that people now want and expect didn’t exist until Apple introduced it. 

    When Apple finally introduces its own AI/machine learning-based products - including a new Siri digital assistant - that provides information that is actually useful and reliably accurate, while also preserving user privacy and security, and also doesn’t rely on IP theft, that’s going to be what people want and expect. Then, within a year or two, all the current, over-hyped, creepy and hallucinating LLM AI models will be left behind as what they really are: not ready for prime time. 

    There are a lot of mp3 players, smart phones, tablets, smart watches and wireless ear buds that all came before Apple’s versions, but nobody is digging them out of junk drawers to show how Apple is always late, because each just demonstrates how the “early” products were insufficient and incomplete when compared to the Apple devices that defined those product categories. 
     0Likes 0Dislikes 0Informatives
  • Reply 2 of 6
    auxioauxio Posts: 2,800member
    AppleZulu said:
    This right here is a big reason why “late” matters significantly less than people currently think it does. 
    And I know it boils the blood of those who only operate on self interest to see a company which actually considers the bigger picture of humanity and human rights having success. It flies in the face of the story they keep telling themselves and everyone around them.

    Reminds me of how surprised corporate America always was about interviews with Steve Jobs:
    https://www.youtube.com/watch?v=uf6TzOHO_dk
    edited August 13
    AppleZulu
     1Like 0Dislikes 0Informatives
  • Reply 3 of 6
    AppleZuluapplezulu Posts: 2,582member
    auxio said:
    AppleZulu said:
    This right here is a big reason why “late” matters significantly less than people currently think it does. 
    And I know it boils the blood of those who only operate on self interest to see a company which actually considers the bigger picture of humanity and human rights having success. It flies in the face of the story they keep telling themselves and everyone around them.

    Reminds me of how surprised corporate America always was about interviews with Steve Jobs:
    https://www.youtube.com/watch?v=uf6TzOHO_dk
    Hippie or nerd? Hippie. Maybe that sort of encapsulates what still goes on around Apple. They’re hippies surrounded by nerds who expect them to also be nerds, and keep being surprised when they’re hippies. 
     0Likes 0Dislikes 0Informatives
  • Reply 4 of 6
    AppleZuluapplezulu Posts: 2,582member
    auxio said:
    AppleZulu said:
    This right here is a big reason why “late” matters significantly less than people currently think it does. 
    And I know it boils the blood of those who only operate on self interest to see a company which actually considers the bigger picture of humanity and human rights having success. It flies in the face of the story they keep telling themselves and everyone around them.

    Reminds me of how surprised corporate America always was about interviews with Steve Jobs:
    https://www.youtube.com/watch?v=uf6TzOHO_dk
    Also, remember that he said everyone around him is a hippie. That’s who he chooses, and he chose Tim Cook as his successor. Tim Cook is not a nerd. 
     0Likes 0Dislikes 0Informatives
  • Reply 5 of 6
    auxioauxio Posts: 2,800member
    AppleZulu said:
    auxio said:
    AppleZulu said:
    This right here is a big reason why “late” matters significantly less than people currently think it does. 
    And I know it boils the blood of those who only operate on self interest to see a company which actually considers the bigger picture of humanity and human rights having success. It flies in the face of the story they keep telling themselves and everyone around them.

    Reminds me of how surprised corporate America always was about interviews with Steve Jobs:
    https://www.youtube.com/watch?v=uf6TzOHO_dk
    Also, remember that he said everyone around him is a hippie. That’s who he chooses, and he chose Tim Cook as his successor. Tim Cook is not a nerd. 
    And the definition of "hippie" pushed by the media of the time was someone who's lazy, gets high, and doesn't want to work.

    His (and my) definition is someone who cares about more than a bank account number and understands how they relate to world/nature/others on a level most people seem not to comprehend in their desire to accumulate more. That deeper understanding is often what allows them to create things which others could never dream up. Be it music, art, technology, or creatively managing supply chains.
    edited August 13
     0Likes 0Dislikes 0Informatives
  • Reply 6 of 6
    danvmdanvm Posts: 1,509member
    AppleZulu said:
    This right here is a big reason why “late” matters significantly less than people currently think it does. 

    When Apple arrives with something well thought out and distinctly better than what’s currently offered, consumers and critics quickly forget about the “late” part. This is because the Apple version redefines the product category. Then there is no “late,” because the thing that people now want and expect didn’t exist until Apple introduced it. 

    When Apple finally introduces its own AI/machine learning-based products - including a new Siri digital assistant - that provides information that is actually useful and reliably accurate, while also preserving user privacy and security, and also doesn’t rely on IP theft, that’s going to be what people want and expect. Then, within a year or two, all the current, over-hyped, creepy and hallucinating LLM AI models will be left behind as what they really are: not ready for prime time. 

    There are a lot of mp3 players, smart phones, tablets, smart watches and wireless ear buds that all came before Apple’s versions, but nobody is digging them out of junk drawers to show how Apple is always late, because each just demonstrates how the “early” products were insufficient and incomplete when compared to the Apple devices that defined those product categories. 
    I wouldn't say that Apple was late, considering they acquire Siri more than 15 years ago. The problem is that they didn't had the vision on how to make it better, and now they are behind the competition.  We'll see what happens in the next few months / years.
    edited 10:23AM
     0Likes 0Dislikes 0Informatives
Sign In or Register to comment.