Auditing Privacy in Multi-Tenant RAG under Account Collusion
A new research paper published on arXiv details a privacy vulnerability in multi-tenant Retrieval-Augmented Generation (RAG) systems. The study shows that current privacy guarantees, which are typically account-based, are insufficient when multiple accounts collude. The researchers demonstrated a membership inference attack in which leakage scales with the square root of the number of colluding accounts, a finding validated across various RAG settings. To address this, the paper proposes an auditable protocol that can verify the privacy of retrieval mechanisms for coalitions up to a specified size without altering the retrieval process.
IMPACT: Highlights a critical privacy risk in RAG systems, potentially impacting enterprise adoption and requiring new security measures.