What Should LLMs Forget? Quantifying Personal Data in LLMs for Right-to-Be-Forgotten Requests
This addresses privacy compliance for LLM users by enabling individual-level data identification, though it is incremental as it builds on existing unlearning and auditing methods.
The paper tackled the problem of identifying which personal data is memorized by large language models (LLMs) to support Right-to-Be-Forgotten requests, by introducing a dataset and metric that quantify human-fact associations, showing memorization correlates with web presence and model scale across 15 LLMs.
Large Language Models (LLMs) can memorize and reveal personal information, raising concerns regarding compliance with the EU's GDPR, particularly the Right to Be Forgotten (RTBF). Existing machine unlearning methods assume the data to forget is already known but do not address how to identify which individual-fact associations are stored in the model. Privacy auditing techniques typically operate at the population level or target a small set of identifiers, limiting applicability to individual-level data inquiries. We introduce WikiMem, a dataset of over 5,000 natural language canaries covering 243 human-related properties from Wikidata, and a model-agnostic metric to quantify human-fact associations in LLMs. Our approach ranks ground-truth values against counterfactuals using calibrated negative log-likelihood across paraphrased prompts. We evaluate 200 individuals across 15 LLMs (410M-70B parameters), showing that memorization correlates with subject web presence and model scale. We provide a foundation for identifying memorized personal data in LLMs at the individual level, enabling the dynamic construction of forget sets for machine unlearning and RTBF requests.