Lets look at a real world use case. The Datacomp suite of CLIP models claimed to put privacy first by blurring faces before training. However, we found that even after a strict facial crop, Datacomp models could still identify people. This was not the case when heavy blurring was performed. (9/10)
October 22, 2025 at 7:34 PM
Lets look at a real world use case. The Datacomp suite of CLIP models claimed to put privacy first by blurring faces before training. However, we found that even after a strict facial crop, Datacomp models could still identify people. This was not the case when heavy blurring was performed. (9/10)
We consider 3 setups where Alice submits images of Bob to identify him by name. (1) Alice has Bob's name (see Hintersdorf et al) (2) Alice has a phonebook with Bob's name (3) Alice generates a set of plausible names (then performs 2). (4/10)
October 22, 2025 at 7:34 PM
We consider 3 setups where Alice submits images of Bob to identify him by name. (1) Alice has Bob's name (see Hintersdorf et al) (2) Alice has a phonebook with Bob's name (3) Alice generates a set of plausible names (then performs 2). (4/10)