LEAKPRO II: Operational Privacy Risk Management for AI Systems
| Reference number | |
| Coordinator | Lindholmen Science Park AB - AI Sweden |
| Funding from Vinnova | SEK 13 787 510 |
| Project duration | November 2025 - November 2027 |
| Status | Ongoing |
| Venture | Advanced digitalization - Industrial needs-driven innovation |
| Call | Advanced digitalization - Industrial demand-driven innovation 2025 (round two) |
Purpose and goal
LeakPro is an open-source framework that evaluates how AI models, synthetic data, and federated learning models may leak sensitive information by running advanced privacy attacks against them. This project continues that work by expanding attack methods, adding harm-assessment tools, and improving regulatory alignment. The goal is to make LeakPro a reliable, practical resource for data protection impact assessments (DPIAs) and for enabling safe, compliant data and model sharing.
Expected effects and result
The project will deliver an expanded LeakPro framework with broader privacy attack coverage and tools for estimating data-subject harm. It will provide clearer links between technical findings and regulatory requirements, enabling organizations to run more objective and reproducible DPIAs. The expected effect is safer, well-informed data and model sharing, stronger compliance processes, and improved trust in AI systems across sectors.
Planned approach and implementation
The project will extend the LeakPro framework by developing new privacy attacks and integrating methods for data-subject harm estimation. Work on technical components, regulatory alignment, and organizational needs will proceed in parallel to ensure consistent outputs. The implementation includes iterative testing with partner use cases, creating guidelines, and preparing LeakPro for practical use in DPIAs and secure data-sharing workflows.