Go to ACL ARR 2025 February homepageS-RAG: A Novel Audit Framework for Detecting Unauthorized Use of Personal Data in RAG Systems
Abstract: Retrieval-Augmented Generation (RAG) systems combine external data retrieval with text generation and have become essential in applications requiring accurate and context-specific responses. However, their reliance on external data raises critical concerns about unauthorized collection and usage of personal information. To ensure compliance with data protection regulations like GDPR and detect improper use of data, we propose the Shadow RAG Auditing Data Provenance (S-RAG) framework. S-RAG enables users to determine whether their textual data has been utilized in RAG systems, even in black-box settings with no prior system knowledge. It is effective across open-source and closed-source RAG systems and resilient to defense strategies. Experiments demonstrate that S-RAG achieves an improvement in Accuracy by 19.9\% (compared to the best baseline), while maintaining strong performance under adversarial defenses. Furthermore, we analyze how the auditor's knowledge of the target system affects performance, offering practical insights for privacy-preserving AI systems. Our code is open-sourced online.
Paper Type: Long
Research Area: NLP Applications
Research Area Keywords: security/privacy
Contribution Types: NLP engineering experiment, Publicly available software and/or pre-trained models
Languages Studied: English
Submission Number: 7039
Loading