Domain Private Transformers for Multi-Domain Dialog Systems
Submission Type: Regular Short Paper
Submission Track: Dialogue and Interactive Systems
Keywords: differential privacy, language models, dialogue, multi-domain language models
TL;DR: We propose “domain privacy” to address cross-domain leakage (language models when prompted with text of one domain generating sensitive text of others), and use membership inference attacks to measure domain privacy of various models.
Abstract: Large, general purpose language models have demonstrated impressive performance across many different conversational domains. While multi-domain language models achieve low overall perplexity, their outputs are not guaranteed to stay within the domain of a given input prompt. This paper proposes \emph{domain privacy} as a novel way to quantify how likely a conditional language model will leak across domains. We also develop policy functions based on token-level domain classification, and propose an efficient fine-tuning method to improve the trained model's domain privacy. Experiments on membership inference attacks show that our proposed method has comparable resiliency to methods adapted from recent literature on differentially private language models.
Submission Number: 3697
Loading