Graph convolutional networks (GCNs) are a powerful architecture for representation learning and making predictions on documents that naturally occur as graphs, e.g., citation or social networks. Data containing sensitive personal information, such as documents with people's profiles or relationships as edges, are prone to privacy leaks from GCNs, as an adversary might reveal the original input from the trained model. Although differential privacy (DP) offers a well-founded privacy-preserving framework, GCNs pose theoretical and practical challenges due to their training specifics. We address these challenges by adapting differentially-private gradient-based training to GCNs. We investigate the impact of various privacy budgets, dataset sizes, and two optimizers in an experimental setup over five NLP datasets in two languages. We show that, under certain modeling choices, privacy-preserving GCNs perform up to 90% of their non-private variants, while formally guaranteeing strong privacy measures.

中文翻译：

---

文本分类的隐私保护图卷积网络

图卷积网络（GCN）是一种强大的体系结构，用于表示学习和对自然以图形形式出现的文档（例如引文或社交网络）进行预测。包含敏感个人信息的数据（例如以人的个人资料或亲戚关系为边缘的文档）容易受到GCN的隐私泄露，因为对手可能会泄露受过训练的模型的原始输入。尽管差异隐私（DP）提供了一个有充分依据的隐私保护框架，但是GCN由于其培训内容而在理论和实践上都面临挑战。我们通过针对GCN调整基于差异私立梯度的培训来应对这些挑战。我们在以两种语言编写的五个NLP数据集的实验设置中，研究了各种隐私预算，数据集大小和两个优化器的影响。我们证明