Researchers have demonstrated that Large Language Models (LLMs) can unmask pseudonymous online users with surprising accuracy, significantly outperforming older, more resource-intensive methods. In experiments using the Netflix dataset, LLMs proved far more effective than classical deanonymization techniques.
The precision of LLM-based attacks decays more gracefully than classical methods, allowing for higher recall even at low precision levels. This advancement means LLMs are rapidly surpassing traditional approaches to identifying individuals online.
Potential mitigations include platforms enforcing API rate limits, detecting automated scraping, and LLM providers building guardrails against deanonymization requests. Experts warn that unchecked, these capabilities could enable governments to unmask critics, corporations to assemble extensive customer profiles for hyper-targeted advertising, and attackers to launch sophisticated social engineering scams. The findings underscore an urgent need to re-evaluate computer security and privacy in light of LLM-driven offensive cyber capabilities.