Differential Privacy in the Era of Foundation Models
Semester: Winter 2025/2026
Added: Oct 15, 2025
Instructor: Franziska Boenisch
Contact: franziska.boenisch@cispa.de
Lectures: Wednesday 16:05-18:00, CISPA building (Stuhlsatzenhaus 5, Room 0.02 / 0.07)
Description
In recent years, foundation models such as GPT, LLaMA, DALL-E, and Stable Diffusion have transformed the field of machine learning. However, their use also raises significant privacy concerns when sensitive data is involved. This seminar explores how differential privacy (DP), the leading standard for privacy protection, can be applied to foundation models to mitigate these risks. We will dive into the fundamentals of both DP and foundation models, study how they intersect, and explore strategies for integrating privacy guarantees into these cutting-edge systems.
Assignments
Requirements include reading the relevant papers ahead of time, active participation, delivering an oral presentation, and submitting a seminar report.
- Seminar Report: Comprehensive report detailing requirements. Deadline: February 20th, 2026 via CMS-submissions.
Schedule
| Date | Topic | Location | Notes |
|---|---|---|---|
| 15.10.2025 | Introduction: Presentation of Seminar Topics and How to Give a Presentation | Room 0.07 | |
| 22.10.2025 | Topic 1: Introduction to Foundation Models & The Pre-train/Adapt Paradigm | Room 0.02 | |
| 29.10.2025 | Topic 2: Introduction to Differential Privacy | Room 0.02 | |
| 05.11.2025 | Topic 3: Privacy Risks in Foundation Models (Data Extraction) | Room 0.02 | |
| 12.11.2025 | Topic 4: Privacy Risks in Foundation Models (Membership Inference) | Room 0.02 | |
| 19.11.2025 | Topic 5: Memorization in Foundation Models | Room 0.02 | |
| 26.11.2025 | Topic 6: Privately Pre-Training Diffusion Models | Room 0.02 | Dual topic day |
| 26.11.2025 | Topic 7: Privately Training Large Language Models | Room 0.02 | Dual topic day |
| 07.01.2026 | Topic 8: Other Private Language Model Adaptations | Room 0.02 | |
| 14.01.2026 | Topic 9: Differential Privacy Auditing | Room 0.02 | |
| 21.01.2026 | Topic 10: Unlearning | Room 0.02 | |
| 28.01.2026 | Topic 11: Problems and Open Research Directions in Privacy-Preserving Machine Learning in Foundation Models | Room 0.02 | |
| 04.02.2026 | Topic 12: Technical and Societal Impact of Foundation Model Privacy | Room 0.02 | |
| 20.02.2026 | Report Due | — | Deadline |
Feedback
Feedback and administration notices are periodically posted on the CMS.
Course Staff
- Franziska Boenisch (Instructor)