In their research article, the authors note that prior privacy research on large language models (LLMs) has focused largely on extracting memorized training data. They argue, however, that the growing capabilities of these models pose a different and underexplored threat: inferring personal attributes from text at inference time. In a study on real Reddit profiles, they show that current LLMs can accurately infer attributes such as location, income, and sex, reaching high accuracy while being far faster and cheaper than human labelers. They also discuss the emerging threat of privacy-invasive chatbots that steer conversations with seemingly innocuous questions to extract personal information. Because current defenses against LLM inference, such as text anonymization and model alignment, are inadequate, the authors call for a broader discussion of LLM privacy implications beyond memorization and for improved privacy protections.
https://arxiv.org/abs/2310.07298