MosaicLeaks:Privacy Risks in Querying-in-the-Open for Deep Research Agents
Researchers have identified a significant privacy risk in AI agents that combine private documents with external tools, such as web searches. This risk, termed the "mosaic effect," occurs when individual queries seem innocuous but reveal sensitive information when aggregated. A new benchmark, MosaicLeaks, was developed to test this vulnerability across 1,001 tasks. Experiments showed that current AI models frequently leak private information, with standard privacy prompts offering only partial mitigation and performance-focused reinforcement learning exacerbating the issue. A novel RL framework, PA-DR, was introduced to balance task success with privacy, successfully improving accuracy and reducing leakage in tests. AI
IMPACT Highlights critical privacy vulnerabilities in AI agents, necessitating new training methods like PA-DR to secure sensitive enterprise data.