Large Language Models (LLMs) have achieved remarkable progress in natural language understanding, reasoning, and autonomous decision-making. However, these advances have also raised serious privacy concerns. While extensive research has focused on mitigating the data privacy risks of LLMs across the stages of model training, far less attention has been paid to new threats emerging from their deployment. The integration of LLMs into widely used applications and the weaponization of their autonomous capabilities have created new privacy vulnerabilities. These vulnerabilities provide opportunities for both inadvertent data leakage and malicious exfiltration from LLM-powered systems. Moreover, adversaries can exploit such systems to launch sophisticated, large-scale privacy attacks that threaten not only individual privacy but also financial security and societal trust. In this paper, we systematically examine these emerging privacy risks of LLMs. We also discuss potential mitigation strategies and call on the research community to broaden its focus beyond data privacy risks, developing new defenses against the evolving threats posed by increasingly powerful LLMs and LLM-powered systems.