Learning to Refuse: Towards Mitigating Privacy Risks in LLMs
This addresses privacy risks for users of LLMs by mitigating data leakage, though it is incremental as it builds on existing machine unlearning methods.
The study tackled the problem of LLMs inadvertently memorizing private information by enabling them to protect specific individuals' data without retraining, resulting in a state-of-the-art unlearning score that surpassed the best baseline by 5.65 points.
Large language models (LLMs) exhibit remarkable capabilities in understanding and generating natural language. However, these models can inadvertently memorize private information, posing significant privacy risks. This study addresses the challenge of enabling LLMs to protect specific individuals' private data without the need for complete retraining. We propose \return, a Real-world pErsonal daTa UnleaRNing dataset, comprising 2,492 individuals from Wikipedia with associated QA pairs, to evaluate machine unlearning (MU) methods for protecting personal data in a realistic scenario. Additionally, we introduce the Name-Aware Unlearning Framework (NAUF) for Privacy Protection, which enables the model to learn which individuals' information should be protected without affecting its ability to answer questions related to other unrelated individuals. Our extensive experiments demonstrate that NAUF achieves a state-of-the-art average unlearning score, surpassing the best baseline method by 5.65 points, effectively protecting target individuals' personal data while maintaining the model's general capabilities.