Machine learning methods have become a commodity in the toolkits of both researchers and practitioners. For performance and privacy reasons, new applications often rely on third-party code or pretrained models, train on crowd-sourced data, and sometimes move learning to users’ devices. This introduces vulnerabilities such as backdoors, i.e., unrelated tasks that the model may unintentionally learn when an adversary controls parts of the training data or pipeline. In this thesis, we identify new threats to ML models and propose approaches that balance security, accuracy, and privacy without disruptive changes to the existing training infrastructures.