Privacy preservation in federated learning: An insightful survey from the GDPR perspective

Nguyen Truong*, Kai Sun, Siyao Wang, Florian Guitton, Yi Ke Guo*

*Corresponding author for this work

Research output: Contribution to journalJournal articlepeer-review

88 Citations (Scopus)


In recent years, along with the blooming of Machine Learning (ML)-based applications and services, ensuring data privacy and security have become a critical obligation. ML-based service providers not only confront with difficulties in collecting and managing data across heterogeneous sources but also challenges of complying with rigorous data protection regulations such as EU/UK General Data Protection Regulation (GDPR). Furthermore, conventional centralised ML approaches have always come with long-standing privacy risks to personal data leakage, misuse, and abuse. Federated learning (FL) has emerged as a prospective solution that facilitates distributed collaborative learning without disclosing original training data. Unfortunately, retaining data and computation on-device as in FL are not sufficient for privacy-guarantee because model parameters exchanged among participants conceal sensitive information that can be exploited in privacy attacks. Consequently, FL-based systems are not naturally compliant with the GDPR. This article is dedicated to surveying of state-of-the-art privacy-preservation techniques in FL in relations with GDPR requirements. Furthermore, insights into the existing challenges are examined along with the prospective approaches following the GDPR regulatory guidelines that FL-based systems shall implement to fully comply with the GDPR.

Original languageEnglish
Article number102402
Number of pages23
JournalComputers and Security
Early online date17 Jul 2021
Publication statusPublished - Nov 2021

Scopus Subject Areas

  • Computer Science(all)
  • Law

User-Defined Keywords

  • Data protection regulation
  • Federated learning
  • GDPR
  • Personal data
  • Privacy
  • Privacy preservation


Dive into the research topics of 'Privacy preservation in federated learning: An insightful survey from the GDPR perspective'. Together they form a unique fingerprint.

Cite this