Most anonymization methods assume that once identifiers are removed or replaced, privacy is preserved. However, modern LLMs can infer hidden identities from context, background knowledge, and subtle cues. This creates a new threat: even anonymized text may be re-identifiable by intelligent models.

This project investigates the robustness of current anonymization methods against such LLM-based attacks. In particular, it aims to systematically evaluate whether different anonymization strategies (e.g., masking, generalization, and context-aware rewriting) effectively prevent identity inference, and under which conditions they fail. By treating LLMs as adversaries, the project seeks to better understand the limits of existing anonymization techniques and to inform the design of more resilient, privacy-preserving approaches.

References

1. Deußer, T., Sparrenberg, L., Berger, A., Hahnbück, M., Bauckhage, C. and Sifa, R., 2025, October. A survey on current trends and recent advances in text anonymization. In 2025 IEEE 12th International Conference on Data Science and Advanced Analytics (DSAA) (pp. 1-9). IEEE. https://ieeexplore.ieee.org/abstract/document/11247969?casa_token=NuwZlg92H5oAAAAA:0EZLSRwAd-Y_I2_d0VdbGSkf8uyLI-gF0lgyrPaBUIvS_GnfPvkNGYjwm35RQKjkOx-4–6TBJpE
2. Kandpal, N., Pillutla, K., Oprea, A., Kairouz, P., Choquette-Choo, C.A. and Xu, Z., 2024, November. User inference attacks on large language models. In Proceedings of the 2024 conference on empirical methods in natural language processing (pp. 18238-18265). https://aclanthology.org/2024.emnlp-main.1014/