GHGA Lecture Series: Jean-Pierre Hubaux (virtual)

Professor Jean-Pierre Hubaux from the École polytechnique fédérale de Lausanne (EPFL)  presented "GDPR-Compliant Federated Learning on Medical Data" at the GHGA lecture series ("Advances in Data-Driven Biomedicine") on November 21, 2022.

Watch this lecture here.


Datasets are often siloed, as each of them needs to remain under the control of its data provider. Nevertheless, ML models have to be generated and run over these datasets. Over the last years, we have tackled this challenge in the framework of the Swiss Personalized Health Network . In this talk, we address the problem of privacy-preserving training and evaluation of neural networks in an N-party, federated learning setting. We propose a set of techniques that enable privacy-preserving neural network training. They rely on multiparty lattice-based cryptography to preserve the confidentiality of the training data, the model, and the evaluation data, under a passive-adversary model and collusions between up to N−1 parties. They make use of homomorphic encryption and secure multi-party computation. Our experimental results show that these techniques achieve an accuracy similar to centralized (or decentralized) non-private approaches and that their computation and communication overhead scales linearly with the number of parties. Furthermore, we explain how we are using these techniques for the federated analysis of medical data, in particular for genome-wide association studies. We also describe MedCo, the system under deployment in Swiss hospitals and abroad.  Finally, we mention our joint work with lawyers to show GDPR compliance, and explain how our start-up Tune Insight leverages on these techniques. We have published our work notably in the following papers: Nature CommunicationsCell PatternsNDSSUsenix SecurityJournal of Medical Internet ResearchEuroCryptPETS and again PETS.


Jean-Pierre Hubaux is a full professor at EPFL and head of the Laboratory for Data Security. Through his research, he contributes to laying the foundations and developing the tools for protecting privacy in today’s hyper-connected world. He has pioneered the areas of privacy and security in mobile/wireless networks and in personalized health.

He is the academic director of the Center for Digital Trust (C4DT). Until December 2021, he led the now concluded Data Protection in Personalized Health (DPPH) project funded by the ETH Council. He is a Fellow of both IEEE (2008) and ACM (2010). Recent awards: three of his papers obtained distinctions at the IEEE Symposium on Security and Privacy in 20152018 and 2021. He is among the most cited researchers in privacy protection and in information security. More about him here.