Agentic AI-Powered Re-Identification: An Emerging, Scalable Threat to Mobility Microdata Privacy

📅 2026-06-26
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
This work addresses the severe re-identification privacy risks posed by fine-grained location data collected by commercial data brokers, which traditional attacks struggle to scale due to reliance on manual analysis. The paper proposes the first end-to-end automated re-identification framework, leveraging large language model agents to autonomously harvest publicly available online information and integrate public records, social media profiles, and spatiotemporal trajectory matching algorithms—enabling large-scale identity inference without human intervention. Evaluated on a simulated dataset containing home and workplace address anchors, the method successfully re-identifies 18 out of 43 individuals (41.9%), achieving 72% accuracy among identifiable subjects. This study demonstrates, for the first time in a realistic setting, the feasibility of fully automated, low-cost, and highly efficient re-identification from mobile microdata, fundamentally challenging the conventional paradigm that depends on expert involvement.
📝 Abstract
The widespread collection of fine-grained location data by commercial data brokers creates a re-identification risk that is not widely recognised by the public. While prior research has established that mobility traces are highly unique and that individuals can, in principle, be identified from a handful of spatio-temporal points, such attacks have historically required significant manual effort from skilled analysts, limiting their practical scale. In this feasibility study, we demonstrate in a real world setting that agentic AI fundamentally changes this threat model. We present an end-to-end pipeline in which large language model agents autonomously search the open web, cross-reference public records and social media, and resolve raw coordinate sequences to candidate identities - without human intervention. We evaluate the pipeline on a spatio-temporal dataset containing simulated location points anchored at and around true home and work addresses, focusing on a high-risk disclosure scenario. Our results demonstrate that, from spatio-temporal data and public sources alone, our agentic AI successfully re-identified 18 of the 25 re-identifiable individuals (72%) and 18 of 43 cases overall (41.9%). We discuss implications for Statistical Disclosure Control (SDC) practice and outline the near-future escalation that data custodians and regulators must anticipate. De facto anonymity - an implicit foundation of SDC practice - is shifting. Agentic AI strengthens the case that re-identification is reasonably likely by any means under the GDPR Recital-26 standard, at costs of minutes-and-dollars per target.
Problem

Research questions and friction points this paper is trying to address.

re-identification
mobility microdata privacy
agentic AI
spatio-temporal data
privacy threat
Innovation

Methods, ideas, or system contributions that make the work stand out.

Agentic AI
Re-identification
Mobility Microdata
Large Language Models
Privacy Threat
🔎 Similar Papers
No similar papers found.