Artificial intelligence used in medicine could undermine people’s privacy in unexpected ways, experts have found.
Such medical AI systems have a variety of uses, and many have claimed that it could dramatically improve healthcare. They may be especially useful in those places where specialised medical expertise is rare, and so people may rely on artificial intelligence instead, using it to diagnose problems using medical images, for instance.
But a new study warns that same technology could undermine the privacy of the people whose data is used to train it – without them ever knowing. It is one of a variety of possible security vulnerabilities in what could be a transformative new technology.
The new study warns that malicious users may be able to perform privacy attacks on medical AI systems that could allow hackers to learn whether someone is being treated for a specific disease, for instance.
Like other artificial intelligence systems, medical AI tools work by giving a variety of data – such as patient images – to a computer, and telling it which images indicate a certain outcome. The system can then learn to look for those patterns, allowing it to spot potential symptoms.
The people whose data is used in that study should stay anonymous. But new research suggests that it might be possible to determine whether the data of a specific patient was used to train that model.
That could then be used to learn sensitive medical information about a given patient. In the new study for instance, researchers described a kind of attack that could be used to find whether a person has cancer.
The research looked at a specific hack known as a ”membership inference attack”, which allows hackers to work out whether the data of a specific patient was used to train a given model. They found that such an attack can achieve “near-perfect success rates” for some individual patients, and that the risk is bigger for underrepresented groups.
The ideal summer spot? Away from scams. + Get Protected
Get All-in-One Protection for Your Digital Life
ADVERTISEMENT
The ideal summer spot? Away from scams. + Get Protected
Get All-in-One Protection for Your Digital Life
ADVERTISEMENT
That could then be used by cybercriminals to invade people’s privacy and potentially use the data they gain for other kinds of attacks, the researchers warn.
“Given this vulnerability, medical AI models and their deployment contexts should be assessed for the sensitive information that attackers could obtain by successfully inferring training dataset membership,” the researchers warn. The study should be evidence that medical AI systems be protected against such attacks.
The work is reported in a new paper, ‘Disparate privacy risks from medical AI’, published in the journal Nature.