Privacy Risks of General-Purpose AI Systems: A Foundation for Investigating Practitioner Perspectives

Stephen Meisenbacher, Alexandra Klymenko, Patrick Gage Kelley, Sai Teja Peddinti, Kurt Thomas, Florian Matthes

TL;DR

This work analyzes privacy risks of General-Purpose AI Systems (GPAIS), noting that existing surveys offer fragmented taxonomies. It proposes a unified privacy framework and a practitioner-focused risk catalog, complemented by an interview study to gauge technical stakeholder perceptions. Methodologically, it conducts a Kitchenham-guided systematic literature review to identify risk categories and mitigations from 12 survey papers, and outlines expert feedback in workshops and semi-structured interviews to validate and extend the catalog. The aim is a living, actionable resource that maps mitigations to specific risks, enabling developers and organizations to reason about privacy in GPAIS and prioritize mitigations accordingly.

Abstract

The rise of powerful AI models, more formally General-Purpose AI Systems (GPAIS), has led to impressive leaps in performance across a wide range of tasks. At the same time, researchers and practitioners alike have raised a number of privacy concerns, resulting in a wealth of literature covering various privacy risks and vulnerabilities of AI models. Works surveying such risks provide differing focuses, leading to disparate sets of privacy risks with no clear unifying taxonomy. We conduct a systematic review of these survey papers to provide a concise and usable overview of privacy risks in GPAIS, as well as proposed mitigation strategies. The developed privacy framework strives to unify the identified privacy risks and mitigations at a technical level that is accessible to non-experts. This serves as the basis for a practitioner-focused interview study to assess technical stakeholder perceptions of privacy risks and mitigations in GPAIS.
