Richard Plant R.Plant@napier.ac.uk
Research Student
You Are What You Write: Author re-identification privacy attacks in the era of pre-trained language models
Plant, Richard; Giuffrida, Valerio; Gkatzia, Dimitra
Authors
Valerio Giuffrida
Dr Dimitra Gkatzia D.Gkatzia@napier.ac.uk
Associate Professor
Abstract
The widespread use of pre-trained language models has revolutionised knowledge transfer in natural language processing tasks. However, there is a concern regarding potential breaches of user trust due to the risk of re-identification attacks, where malicious users could extract Personally Identifiable Information (PII) from other datasets. To assess the extent of extractable personal information on popular pre-trained models, we conduct the first wide coverage evaluation and comparison of state-of-the-art privacy-preserving algorithms on a large multi-lingual dataset for sentiment analysis annotated with demographic information (including location, age, and gender). Our results suggest a link between model complexity, pre-training data volume, and the efficacy of privacy-preserving embeddings. We found that privacy-preserving methods demonstrate greater effectiveness when applied to larger and more complex models, with improvements exceeding over non-private baselines. Additionally, we observe that local differential privacy imposes serious performance penalties of in our test setting, which can be mitigated using hybrid or metric-DP techniques.
Citation
Plant, R., Giuffrida, V., & Gkatzia, D. (2025). You Are What You Write: Author re-identification privacy attacks in the era of pre-trained language models. Computer Speech and Language, 90, Article 101746. https://doi.org/10.1016/j.csl.2024.101746
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Oct 28, 2024 |
| Online Publication Date | Nov 16, 2024 |
| Publication Date | 2025-03 |
| Deposit Date | Oct 28, 2024 |
| Publicly Available Date | Nov 16, 2024 |
| Print ISSN | 0885-2308 |
| Publisher | Elsevier |
| Peer Reviewed | Peer Reviewed |
| Volume | 90 |
| Article Number | 101746 |
| DOI | https://doi.org/10.1016/j.csl.2024.101746 |
| Keywords | language models, privacy-preserving, differential privacy, adversarial learning, re-identification attacks |
Files
You Are What You Write: Preserving Privacy In The Era Of Pre-trained Language Models
(4.1 Mb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by-nc/4.0/
You might also like
CAPE: Context-Aware Private Embeddings for Private Language Learning
(2021)
Presentation / Conference Contribution
Evaluating Language Model Vulnerability to Poisoning Attacks in Low-Resource Settings
(2024)
Journal Article
Data-to-Text Generation Improves Decision-Making Under Uncertainty
(2017)
Journal Article
Multi-adaptive Natural Language Generation using Principal Component Regression
(2014)
Presentation / Conference Contribution
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search