Emergent Identity Inference in Large Language Models
A research initiative to quantify the capability of AI to synthesise anonymous data into accurate personal profiles
Project Manager:
Introduction & Rationale
Data anonymisation is a foundational principle of digital privacy, intended to allow for the
analysis of large datasets while protecting individual identities. This principle rests on the
assumption that removing personally identifiable information (PII) is sufficient to prevent the
re-identification of individuals.
This research project challenges this assumption in the context of modern Large Language Models
(LLMs). We hypothesise that the advanced pattern-matching and synthesis capabilities of these
models have given rise to a novel privacy risk: emergent identity inference. This is the ability
of an AI to construct a detailed and accurate profile of a specific individual by synthesising
disparate, non-personally identifiable data points scattered across the public internet.
This project will provide the first rigorous, empirical audit of this "zero-shot" inferential
capability in publicly accessible AI systems, addressing a critical gap in our understanding of
AI's impact on personal privacy.
Research Objectives
The project is structured around three primary objectives:
- To empirically validate the capability of pre-trained LLMs to perform zero-shot identity inference from a curated set of anonymous, public data points.
- To quantify the accuracy and detail of the inferred personal profiles against a controlled, ground-truth persona.
- To analyse the implications of these findings for existing data privacy paradigms, particularly the efficacy of anonymisation as a privacy-preserving technique in the age of AI.
Methodology
Our research is centred on a novel, zero-cost experimental framework named the "Public Data
Ghost Audit." This methodology is designed to be transparent, replicable, and to directly test
the inferential power of AI models without requiring fine-tuning or proprietary data access.
The audit consists of five distinct phases:
- Ground-Truth Persona Construction: We will develop several detailed, fictional personas ("digital ghosts") that include a unique combination of interests, demographic details, and location data.
- Public Data Seeding: A series of anonymous, disconnected data points corresponding to each persona will be seeded on publicly indexable websites (e.g., forums, review sites, social media comments).
- Latency Period for Indexing: A cool-down period will be observed to allow for the natural indexing of this new data by web crawlers, making it potentially accessible to web-enabled AI models.
- Zero-Shot Inferential Querying: We will conduct a systematic audit of leading public LLMs, using structured and chain-of-thought prompting techniques to query for individuals matching the characteristics of our digital ghosts.
- Quantitative Accuracy Scoring: The AI-generated profiles will be rigorously scored against the ground-truth personas to produce a quantitative measure of the model's inferential accuracy.
Significance & Contributions
This research is poised to make significant contributions to several fields:
- AI Safety & Privacy Research: It will introduce a novel, zero-cost, and replicable framework for auditing emergent AI capabilities and provide a foundational dataset on the risks of inferential data creation.
- Policy and Regulation: It will deliver critical empirical evidence to inform the debate on data protection, demonstrating how the concept of "inferred data" challenges the adequacy of existing legal frameworks like GDPR.
- Public Discourse: It will provide a clear, data-driven analysis of a complex privacy risk, fostering a more nuanced public understanding of the societal implications of large-scale AI deployment.
Persona Creation Framework & Template
CompletedInputs:
- Initial project scope
- Research into creating plausible, non-identifiable yet unique personal attributes.
Process:
- Draft, review, and finalise a standardised template which defines the key attributes for each "digital ghost," ensuring consistency across all experimental subjects.
Outputs:
- Version-controlled markdown template (persona_template.md)
Completed by:
sn00z
Development of Data Seeding Strategy & Anonymity Guidelines
CompletedInputs:
- persona_template.md - The persona creation framework
- Research on suitable public platforms (forums, Q&A, micro‑notes, etc.)
- Operational security (OPSEC) best practices.
Processes:
- Develop a set of strict guidelines to govern the data seeding process. This includes rules for maintaining anonymity (e.g., use of VPNs, no account cross-linking), types of content to post, and a list of approved platforms.
Outputs:
Completed by:
sn00z
Identification and Selection of Target LLMs for Audit
CompletedInputs:
- A landscape analysis of currently available, public-facing LLMs.
Processes:
- Select target LLMs for audit based on criteria such as public accessibility, model capability, and market share (e.g., models from Google, OpenAI, Anthropic, etc.).
Outputs:
- Finalised list of target models (target_llms.md).
Completed by:
BD
Literature Review on Prompt Engineering Techniques
CompletedInputs:
- Academic databases and pre-print archives (e.g., arXiv).
Processes:
- Review current state-of-the-art prompt engineering strategies to inform the development of our own querying protocol.
Outputs:
- Summary of relevant techniques and a bibliography (lit_review_prompts.md).
Completed by:
Ellroi
Digital Ghost Persona #1 (DG-01)
OutstandingInputs:
Processes:
- Fill out template to create the first complete ground-truth persona. Review the profile for uniqueness, plausibility, and experimental suitability.
Outputs:
- DG-01_profile.md
Construction of Remaining Digital Ghost Personas (DG-02, DG-03)
OutstandingInputs:
- persona_template.md
- Completed DG-01_profile.md for cross-referencing.
Processes:
- Create two new, distinct personas, ensuring quality and uniqueness against DG-01.
Outputs (expected):
- Persona files (DG-02_profile.md, DG-03_profile.md).
Establish Protocol for Scoring Audit Results
OutstandingInputs:
- Completed persona profiles (DG-01_profile.md, DG-02_profile.md, DG-03_profile.md)
- Academic research on qualitative data analysis.
Processes:
- Design the analytical framework for the final results. Develop a rubric to score the accuracy and completeness of the AI's inferred profiles against our ground-truth personas.
Outputs (expected):
- scoring_rubric.md document that will be used to ensure consistent analysis of the audit results.
Development of Querying Protocol & Prompt Library
OutstandingInputs:
- Completed lit_review_prompts.md for theoretical grounding.
- Completed persona profiles as they become available (DG-01_profile.md, DG-02_profile.md, DG-03_profile.md).
- List of target_llms.md to understand model-specific syntax or behavior.
Processes:
- Design a comprehensive set of prompts based on the literature review and the specifics of each persona.
- Categorise prompts by type (e.g., Simple Direct Query, Chain-of-Thought, Role-Playing Scenario) and by the persona they are designed to target.
- Review, refine, and structure the collection of prompts into a single, well-organised document.
Outputs (expected):
- Version-controlled query_library.md file, which will serve as the official script for the audit phase.
Execute Data Seeding for DG-01
OutstandingInputs:
- Completed persona profile DG-01_profile.md
- seeding_guidelines.md
Processes:
- Take specific data points from the DG-01 persona profile and create public posts according to the guidelines, and log the details.
Outputs (expected):
- New entries added to seeding_log.csv.
Execute Data Seeding for DG-02 & DG-03
OutstandingInputs:
- Completed persona profiles DG-01_profile.md, DG-02_profile.md, DG-03_profile.md
- seeding_guidelines.md
Processes:
- Take specific data points from the DG-02 and DG-03 persona profiles and create public posts according to the guidelines, and log the details.
Outputs (expected):
- New entries added to seeding_log.csv.
Initiation of Latency Period for Indexing
OutstandingInputs:
- seeding_log.csv, confirming that all planned data points for all digital personas have been successfully deployed.
- Pre-determined duration for the latency period (e.g., 30 days).
Processes:
- Audit seeding_log.csv to confirm all entries are complete and valid.
- Calculate formal start and end date for the latency period, effectively starting the countdown.
Outputs (expected):
- Official project status update marking the beginning and end of the latency period.
Execution of Inferential Audit on LLMs
OutstandingInputs:
- Finalised query_library.md containing the full set of structured prompts
- List of target_llms.md specifying which AI models to audit.
- Ground-truth persona files (DG-01_profile.md, DG-02_profile.md, DG-03_profile.md) to guide the querying process.
- The official end of the latency period.
Processes:
- Systematically execute the prompts on the designated AI models' public interfaces
- Copy and log the full, verbatim response from each LLM for each query into a structured data format. Each entry should include the prompt, the response, the model version, and a timestamp.
Outputs (expected):
- Comprehensive raw data file (audit_results.json) containing the complete log of all queries and their corresponding AI-generated responses. This file will serve as the primary dataset for final analysis.
Score and Analyse Audit Results
OutstandingInputs:
- audit_results.json containing the complete log of all queries and AI responses
- scoring_rubric.md for consistent evaluation criteria
- Ground-truth persona files (DG-01_profile.md, DG-02_profile.md, DG-03_profile.md)
Processes:
- Systematically apply the scoring rubric to each AI-generated response
- Perform statistical analysis to identify patterns in inference accuracy across different models and persona types
- Conduct qualitative analysis to understand the nature and quality of inferred information
- Generate visualisations and charts to illustrate key findings
Outputs (expected):
- Comprehensive analysis_report.md with key findings, statistical summaries, and interpretations
- Supporting data files and visualisations for the analysis
Draft Final Research Paper
OutstandingInputs:
- analysis_report.md with comprehensive findings
- All methodology documents (persona_template.md, seeding_guidelines.md, query_library.md, etc.)
- Literature review and background research
Processes:
- Synthesise all project phases, methodologies, findings, and implications into a formal academic paper
- Structure the paper to include introduction, methodology, results, discussion, and conclusions
- Address the broader implications for data privacy, AI safety, and policy considerations
- Ensure the paper meets academic standards for rigour and clarity
Outputs (expected):
- Complete research_paper_draft.md
- Executive summary for policy makers and public dissemination
Project Repository
This repository contains all materials generated from the project.
- persona_template.md - Standardised template for digital ghost personas
- seeding_guidelines.md - Guidelines for data seeding process
- target_llms.md - Finalised list of target models for audit
- lit_review_prompts.md - Summary of prompt engineering techniques and bibliography