Recent academic work reveals that large language models can effectively connect burner accounts on social networks to the real people behind them. This capability stems from analyzing public posts and profiles across multiple platforms, yielding results that surpass traditional methods reliant on human-curated datasets or expert investigators.
In experiments, the models achieved a recall rate of 68%, successfully identifying a majority of pseudonymous users. Precision reached as high as 90%, meaning nearly all guesses correctly matched accounts to individuals. These figures indicate a significant leap over classical deanonymization techniques, which often involve labor-intensive data assembly or manual analysis.
The implications for online privacy are profound. Pseudonymity has long served as a basic shield for users engaging in sensitive discussions or posting queries without full exposure. Many operate under the assumption that targeted identification requires substantial effort, but this research suggests that assumption is no longer valid.
“Our findings have significant implications for online privacy,” the researchers noted. “The average online user has long operated under an implicit threat model where they have assumed pseudonymity provides adequate protection because targeted deanonymization would require extensive effort. LLMs invalidate this assumption.”
Cheap and rapid identification of obscured accounts opens avenues for doxxing, stalking, and the construction of detailed marketing profiles. Such profiles could track personal details like location, occupation, and other sensitive information, effectively eroding the privacy measure that pseudonymity once provided.
To test these techniques, researchers gathered datasets from public social media sites while preserving speaker privacy. One dataset combined posts from Hacker News with LinkedIn profiles, linking them through cross-platform references found in user profiles. After stripping all identifying details from the posts, a large language model was applied to analyze the content.
A second dataset originated from a Netflix release of micro-identities, including individual preferences, recommendations, and transaction records. A 2008 research paper demonstrated that using what has come to be known as the Netflix prize attack, such lists could identify users and reveal political affiliations and other personal information.
The final method involved splitting a single user’s Reddit history to assess deanonymization potential. This approach highlights how even fragmented data from one platform can contribute to accurate user linking when processed by advanced AI models.
These findings underscore a shift in the privacy landscape, where pseudonymity may no longer offer sufficient protection against automated analysis. As large language models become more accessible, the ability to unmask users at scale could reshape online interactions and security practices.
