The practical obscurity that once protected anonymous users online is rapidly evaporating, according to new research which demonstrates that artificial intelligence can now unmask individuals with alarming ease and at minimal cost. A study by AI researchers Simon Lermen and Daniel Paleka has found that the large language models (LLMs) powering tools like ChatGPT can successfully link pseudonymous social media accounts to a person’s real identity, forcing what they call a “fundamental reassessment of what can be considered private online”.
The Mechanics of a Modern Privacy Attack
The researchers demonstrated that by feeding an AI the posts from an anonymous account and instructing it to scour the internet for matching details, a user can be identified with high confidence. In a hypothetical example cited in the study, an anonymous user mentioning a struggle at school and walking a dog named Biscuit in “Dolores park” could be enough for an AI to find and link to their known identity elsewhere. Crucially, this process is now automated, scalable, and cheap. The research briefing notes that one study showed LLMs could correctly match 67% of anonymized Hacker News profiles to real LinkedIn accounts with 90% precision, at an estimated cost of just $1 to $4 per profile.
“This is a large scale invasion of privacy,” said Daniel Paleka of ETH Zurich. He stated that the old operational security model, which assumed unmasking someone required hours of skilled investigation, is now broken. LLMs can process thousands of profiles in the time a human could manage a handful, analysing writing style, behavioural patterns, and cross-referencing subtle clues across platforms.
From Personalised Scams to State Surveillance
The implications of this lowered barrier are profound. Malicious hackers can launch “highly personalised” scams with newfound efficiency. Simon Lermen warned that publicly available information can already be “misused straightforwardly” for attacks like spear-phishing, where a hacker poses as a trusted contact. The research briefing adds that AI-generated phishing emails, which are becoming more common and sophisticated, are now harder to detect.
Beyond cybercrime, the paper’s authors highlight the risk of governments using AI to surveil dissidents and activists who post anonymously. This forms part of a broader, alarming trend in AI-powered surveillance, which uses LLMs to synthesise information about individuals on a scale impractical for manual analysis.
The threat also extends to data once considered safely anonymised. Professor Marc Juárez, a cybersecurity lecturer at the University of Edinburgh, warned that LLMs can exploit public data beyond social media. “Hospital records, admissions data, and various other statistical releases could fall short of the high standard of anonymisation necessary in the age of AI,” he said. “It is quite alarming. I think this paper is showing that we should reconsider our practices.”
Limitations and the Risk of False Accusations
AI is not an infallible weapon against anonymity. Professor Marti Hearst of UC Berkeley’s school of information noted that LLMs “can only link across platforms where someone consistently shares the same bits of information in both places,” and that sometimes there is simply not enough data to draw a conclusion. However, this imperfection introduces another danger: error. Peter Bentley, a professor of computer science at UCL, expressed concern about commercial uses of de-anonymisation technology. “People are going to be accused of things they haven’t done,” he warned, citing the tendency of LLMs to sometimes make mistaken links.
An Urgent Call for New Defences
The findings underscore an urgent need for institutions and individuals to rethink data protection. Researchers recommend that social platforms implement technical safeguards as a first step, including enforcing rate limits on user data downloads, detecting automated scraping, and restricting bulk data exports. For individuals, greater caution about the information they share online is advised.
On a regulatory level, frameworks like the EU AI Act, which addresses high-risk AI systems, and existing data protection laws such as the GDPR, which requires a balance between AI’s data needs and the right to privacy, are becoming increasingly relevant. Experts advocate for the adoption of “Privacy by Design” principles, embedding data protection into the very architecture of systems.
This research sits within a wider context where AI systems rely on massive data scraping, often harvesting personal information, and where surveillance technologies are continuously eroding traditional privacy norms. The ethical implications are significant, undermining user expectations and enabling potential discrimination. As the technology advances, the study serves as a stark prompt for a societal and technical recalibration of how anonymity is preserved in the digital age.
