Individual privacy levels in query-based anonymization

Artificial intelligence systems such as Large Language Models (LLM) derive their knowledge from large datasets. Systems like ChatGPT therefore rely on shared data to train on. For companies, releasing data to the public domain requires anonymization as soon as an individual is identifiable. While there are several privacy models that guarantee a certain level of distortion applied to a dataset, to mitigate re-identification, e.g. with k-anonymity, the required level is generally defined by the data processor. We propose the idea of combining individual privacy levels defined by the data subjects themselves with a privacy language, such as the Layered Privacy Language (LPL) [10], to get a more fine-grained understanding of the effectively required privacy level. Queries that target subsets of the dataset to be released can only benefit from lower privacy requirements set by data subjects, as these response subsets may do not contain users with high privacy requirements, which can then lead to more utility. By analyzing the results of different queries to a privacy-aware data-transforming database system, we demonstrate the characteristics required for this assumption to be truly effective. For a more realistic evaluation, we also consider changes in the underlying data sources.