MosaicLeaks: Can your research agent keep a secret? (huggingface.co)

MosaicLeaks has introduced a crucial change in how deep research agents address the privacy risks associated with querying external information alongside sensitive local data. By revealing that these agents often leak proprietary information through seemingly innocuous web searches—an issue exacerbated when optimizing solely for performance—MosaicLeaks highlights a significant challenge for the AI/ML community. The organization has developed a new training method, Privacy-Aware Deep Research (PA-DR), which simultaneously optimizes for task success and minimizes information leakage, resulting in a substantial drop in private information extraction from 34.0% to 9.9%, while maintaining effectiveness in multi-hop research queries. The research utilizes a controlled benchmark featuring 1,001 multi-hop chains that interweave local enterprise knowledge with web data to creatively measure leakage. The PA-DR method emphasizes teaching agents the importance of query construction instead of relying on superficial prompts for privacy. Results show that agents trained with PA-DR can achieve nearly identical task performance compared to traditional models while significantly improving privacy outcomes. This development underscores a critical shift toward more robust privacy training in AI applications, offering a path to safer and more responsible AI research agents in sensitive environments like healthcare and enterprise settings.