Simple prompt injections can trick LLM agents into exposing sensitive personal data. Even with safeguards in place, attackers can extract details such as balances, transactions, or identifiers. Such attacks succeed in ~20% of cases and degrade agent performance by 15–50%. Defensive measures exist but remain incomplete, leaving users exposed. Bottom line: data sovereignty requires stronger guardrails. Trusting LLMs “as […]
Researchers found millions of passports, credit cards, résumés, and faces in DataComp CommonPool, a massive AI training dataset scraped from the web. Based on an audit of just 0.1% of the data, they estimate that hundreds of millions of items likely contain PII (personally identifiable information), including sensitive job and health details. Despite face-blurring tools, the researchers estimate that 102 million faces were missed, and metadata/captions still […]