Compromising privacy by leaking sensitive information
AI systems that memorize and leak sensitive personal data or infer private information about individuals without their consent. Unexpected or unauthorized sharing of data and information can compromise user expectation of privacy, assist identity theft, or cause loss of confidential intellectual property.
"A LM can “remember” and leak private data, if such information is present in training data, causing privacy violations [34]."(p. 217)
Supporting Evidence (2)
"Privacy leaks were observed in GPT-2 without any malicious prompting - specifically, the LM provided personally identifiable information (phone numbers and email addresses) that had been published online and formed part of the web scraped training corpus [34]. The GPT-3 based tool Co-pilot was found to leak functional API keys [109]."(p. 218)
"In the future, LMs may have the capability of triangulating data to infer and reveal other secrets, such as a military strategy or business secret, potentially enabling individuals with access to this information to cause more harm."(p. 218)
Part of Risk area 2: Information Hazards
Other risks from Weidinger et al. (2022) (25)
Risk area 1: Discrimination, Hate speech and Exclusion
1.2 Exposure to toxic contentRisk area 1: Discrimination, Hate speech and Exclusion > Social stereotypes and unfair discrimination
1.1 Unfair discrimination and misrepresentationRisk area 1: Discrimination, Hate speech and Exclusion > Hate speech and offensive language
1.2 Exposure to toxic contentRisk area 1: Discrimination, Hate speech and Exclusion > Exclusionary norms
1.1 Unfair discrimination and misrepresentationRisk area 1: Discrimination, Hate speech and Exclusion > Lower performance for some languages and social groups
1.3 Unequal performance across groupsRisk area 2: Information Hazards
2.1 Compromise of privacy by leaking or correctly inferring sensitive information