{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,14]],"date-time":"2026-04-14T16:30:23Z","timestamp":1776184223873,"version":"3.50.1"},"reference-count":48,"publisher":"MDPI AG","issue":"11","license":[{"start":{"date-parts":[[2024,11,4]],"date-time":"2024-11-04T00:00:00Z","timestamp":1730678400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Information"],"abstract":"Generative AI, including large language models (LLMs), has transformed the paradigm of data generation and creative content, but this progress raises critical privacy concerns, especially when models are trained on sensitive data. This review provides a comprehensive overview of privacy-preserving techniques aimed at safeguarding data privacy in generative AI, such as differential privacy (DP), federated learning (FL), homomorphic encryption (HE), and secure multi-party computation (SMPC). These techniques mitigate risks like model inversion, data leakage, and membership inference attacks, which are particularly relevant to LLMs. Additionally, the review explores emerging solutions, including privacy-enhancing technologies and post-quantum cryptography, as future directions for enhancing privacy in generative AI systems. Recognizing that achieving absolute privacy is mathematically impossible, the review emphasizes the necessity of aligning technical safeguards with legal and regulatory frameworks to ensure compliance with data protection laws. By discussing the ethical and legal implications of privacy risks in generative AI, the review underscores the need for a balanced approach that considers performance, scalability, and privacy preservation. The findings highlight the need for ongoing research and innovation to develop privacy-preserving techniques that keep pace with the scaling of generative AI, especially in large language models, while adhering to regulatory and ethical standards.<\/jats:p>","DOI":"10.3390\/info15110697","type":"journal-article","created":{"date-parts":[[2024,11,4]],"date-time":"2024-11-04T10:57:20Z","timestamp":1730717840000},"page":"697","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":88,"title":["Privacy-Preserving Techniques in Generative AI and Large Language Models: A Narrative Review"],"prefix":"10.3390","volume":"15","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3597-1187","authenticated-orcid":false,"given":"Georgios","family":"Feretzakis","sequence":"first","affiliation":[{"name":"School of Science and Technology, Hellenic Open University, 26335 Patras, Greece"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-2382-7360","authenticated-orcid":false,"given":"Konstantinos","family":"Papaspyridis","sequence":"additional","affiliation":[{"name":"Computer Science, University of Toronto, Toronto, ON M5S 2E4, Canada"}]},{"given":"Aris","family":"Gkoulalas-Divanis","sequence":"additional","affiliation":[{"name":"Merative Healthcare, D02 NY19 Dublin, Ireland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9758-0819","authenticated-orcid":false,"given":"Vassilios S.","family":"Verykios","sequence":"additional","affiliation":[{"name":"School of Science and Technology, Hellenic Open University, 26335 Patras, Greece"}]}],"member":"1968","published-online":{"date-parts":[[2024,11,4]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Yang, Y., Zhang, B., Guo, D., Du, H., Xiong, Z., Niyato, D., and Han, Z. (2024). Generative AI for Secure and Privacy-Preserving Mobile Crowdsensing. arXiv.","DOI":"10.1109\/MWC.004.2400017"},{"key":"ref_2","unstructured":"Baig, A. (2024, September 10). Generative AI Privacy: Issues, Challenges & How to Protect?. Available online: https:\/\/securiti.ai\/generative-ai-privacy\/."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Aziz, R., Banerjee, S., Bouzefrane, S., and Le Vinh, T. (2023). Exploring Homomorphic Encryption and Differential Privacy Techniques towards Secure Federated Learning Paradigm. Future Internet, 15.","DOI":"10.3390\/fi15090310"},{"key":"ref_4","unstructured":"Carlini, N., Nasr, M., Choquette-Choo, C.A., Jagielski, M., Gao, I., Awadalla, A., Koh, P.W., Ippolito, D., Lee, K., and Tramer, F. (2024). Are Aligned Neural Networks Adversarially Aligned?. Adv. Neural Inf. Process. Syst., 36."},{"key":"ref_5","unstructured":"Xu, R., Baracaldo, N., and Joshi, J. (2021). Privacy-Preserving Machine Learning: Methods, Challenges and Directions. arXiv."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Shokri, R., Stronati, M., Song, C., and Shmatikov, V. (2017, January 22\u201326). Membership Inference Attacks Against Machine Learning Models. Proceedings of the 2017 IEEE Symposium on Security and Privacy (SP), San Jose, CA, USA.","DOI":"10.1109\/SP.2017.41"},{"key":"ref_7","unstructured":"Cilloni, T., Fleming, C., and Walter, C. (2023). Privacy Threats in Stable Diffusion Models. arXiv."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"133","DOI":"10.2478\/popets-2019-0008","article-title":"LOGAN: Membership Inference Attacks Against Generative Models","volume":"2019","author":"Hayes","year":"2019","journal-title":"Proc. Priv. Enhancing Technol."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Shan, S., Ding, W., Passananti, J., Wu, S., Zheng, H., and Zhao, B.Y. (2023). Nightshade: Prompt-Specific Poisoning Attacks on Text-to-Image Generative Models. arXiv.","DOI":"10.1109\/SP54263.2024.00207"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Li, Z., Hong, J., Li, B., and Wang, Z. (2024, January 9\u201311). Shake to Leak: Fine-Tuning Diffusion Models Can Amplify the Generative Privacy Risk. Proceedings of the 2024 IEEE Conference on Secure and Trustworthy Machine Learning (SaTML), Toronto, ON, Canada.","DOI":"10.1109\/SaTML59370.2024.00010"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Templin, T., Perez, M.W., Sylvia, S., Leek, J., and Sinnott-Armstrong, N. (2024). Addressing 6 challenges in generative AI for digital health: A scoping review. PLoS Digit. Health, 3.","DOI":"10.1371\/journal.pdig.0000503"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Erlingsson, \u00da., Pihur, V., and Korolova, A. (2014, January 3\u20137). RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response. Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA.","DOI":"10.1145\/2660267.2660348"},{"key":"ref_13","unstructured":"Su, B., Wang, Y., Schiavazzi, D., and Liu, F. (2023). Privacy-Preserving Data Synthesis via Differentially Private Normalizing Flows with Application to Electronic Health Records Data. Proceedings of the Inaugural AAAI 2023 Summer Symposium, Second Symposium on Human Partnership with Medical AI: Design, Operationalization, and Ethics, Singapore, 17\u201319 July 2023, Association for the Advancement of Artificial Intelligence."},{"key":"ref_14","unstructured":"(2024, October 10). PySyft. Available online: https:\/\/github.com\/OpenMined\/PySyft."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Gu, X., Sabrina, F., Fan, Z., and Sohail, S. (2023). A Review of Privacy Enhancement Methods for Federated Learning in Healthcare Systems. Int. J. Environ. Res. Public Health, 20.","DOI":"10.3390\/ijerph20156539"},{"key":"ref_16","unstructured":"(2024, September 12). TensorFlow Federated. Available online: https:\/\/www.tensorflow.org\/federated."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Seethalakshmi, V., Dhanaraj, R.K., Suganyadevi, S., and Ouaissa, M. (2023). Introduction to Homomorphic Encryption for Financial Cryptography. Homomorphic Encryption for Financial Cryptography, Springer International Publishing.","DOI":"10.1007\/978-3-031-35535-6"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1007\/s00145-019-09319-x","article-title":"TFHE: Fast Fully Homomorphic Encryption Over the Torus","volume":"33","author":"Chillotti","year":"2020","journal-title":"J. Cryptol."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Yao, A. (1982, January 3\u20135). Protocols for Secure Computations. Proceedings of the 23rd Annual Symposium on Foundations of Computer Science, Chicago, IL, USA.","DOI":"10.1109\/SFCS.1982.38"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Nielsen, J.B., and Rijmen, V. (May, January 29). Overdrive: Making SPDZ Great Again. Proceedings of the Advances in Cryptology\u2014EUROCRYPT 2018, Tel Aviv, Israel.","DOI":"10.1007\/978-3-319-78372-7"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"103926","DOI":"10.1016\/j.jnca.2024.103926","article-title":"Synthetic and Privacy-Preserving Traffic Trace Generation Using Generative AI Models for Training Network Intrusion Detection Systems","volume":"229","author":"Aceto","year":"2024","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_22","unstructured":"(2024, September 23). Microsoft Presidio. Available online: https:\/\/microsoft.github.io\/presidio\/."},{"key":"ref_23","first-page":"984","article-title":"ARX\u2014A Comprehensive Tool for Anonymizing Biomedical Data","volume":"2014","author":"Prasser","year":"2014","journal-title":"AMIA Annu. Symp. Proc."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Kua, J., Hossain, M.B., Natgunanathan, I., and Xiang, Y. (2023). Privacy Preservation in Smart Meters: Current Status, Challenges and Future Directions. Sensors, 23.","DOI":"10.3390\/s23073697"},{"key":"ref_25","first-page":"1","article-title":"Privacy and Data Protection in ChatGPT and Other AI Chatbots: Strategies for Securing User Information","volume":"15","author":"Sebastian","year":"2023","journal-title":"Int. J. Secur. Priv. Pervasive Comput."},{"key":"ref_26","unstructured":"Hans, A., Wen, Y., Jain, N., Kirchenbauer, J., Kazemi, H., Singhania, P., Singh, S., Somepalli, G., Geiping, J., and Bhatele, A. (2024). Be like a Goldfish, Don\u2019t Memorize! Mitigating Memorization in Generative LLMs. arXiv."},{"key":"ref_27","unstructured":"Ginart, A.A., Guan, M.Y., Valiant, G., and Zou, J. (2019, January 8\u201314). Making AI Forget You: Data Deletion in Machine Learning. Proceedings of the 33rd International Conference on Neural Information Processing Systems, Vancouver, BC, Canada."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Mireshghallah, F., Inan, H.A., Hasegawa, M., R\u00fchle, V., Berg-Kirkpatrick, T., and Sim, R. (2021). Privacy Regularization: Joint Privacy-Utility Optimization in Language Models. arXiv.","DOI":"10.18653\/v1\/2021.naacl-main.298"},{"key":"ref_29","unstructured":"Chen, T., Da, L., Zhou, H., Li, P., Zhou, K., Chen, T., and Wei, H. (2024). Privacy-Preserving Fine-Tuning of Large Language Models through Flatness. arXiv."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Abadi, M., Chu, A., Goodfellow, I., McMahan, H.B., Mironov, I., Talwar, K., and Zhang, L. (2016, January 24\u201328). Deep Learning with Differential Privacy. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria.","DOI":"10.1145\/2976749.2978318"},{"key":"ref_31","unstructured":"Carlini, N., Tramer, F., Wallace, E., Jagielski, M., Herbert-Voss, A., Lee, K., Roberts, A., Brown, T., Song, D., and Erlingsson, U. (2020). Extracting Training Data from Large Language Models. arXiv."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Goyal, M., and Mahmoud, Q.H. (2024). A Systematic Review of Synthetic Data Generation Techniques Using Generative AI. Electronics, 13.","DOI":"10.3390\/electronics13173509"},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Song, C., Ristenpart, T., and Shmatikov, V. (November, January 30). Machine Learning Models That Remember Too Much. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, Dallas, TX, USA.","DOI":"10.1145\/3133956.3134077"},{"key":"ref_34","unstructured":"Halevi, S., and Shoup, V. (Cryptol. ePrint Arch., 2020). Design and Implementation of HElib: A Homomorphic Encryption Library, Cryptol. ePrint Arch., prepint."},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Nguyen, C.T., Liu, Y., Du, H., Hoang, D.T., Niyato, D., Nguyen, D.N., and Mao, S. (2024). Generative AI-Enabled Blockchain Networks: Fundamentals, Applications, and Case Study. arXiv.","DOI":"10.1109\/MNET.2024.3412161"},{"key":"ref_36","unstructured":"Li, Z., Kong, D., Niu, Y., Peng, H., Li, X., and Li, W. (2023). An Overview of AI and Blockchain Integration for Privacy-Preserving. arXiv."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Li, Y., Du, W., Han, L., Zhang, Z., and Liu, T. (2023). A Communication-Efficient, Privacy-Preserving Federated Learning Algorithm Based on Two-Stage Gradient Pruning and Differentiated Differential Privacy. Sensors, 23.","DOI":"10.3390\/s23239305"},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Behnia, R., Ebrahimi, M.R., Pacheco, J., and Padmanabhan, B. (December, January 28). EW-Tune: A Framework for Privately Fine-Tuning Large Language Models with Differential Privacy. Proceedings of the 2022 IEEE International Conference on Data Mining Workshops (ICDMW), Orlando, FL, USA.","DOI":"10.1109\/ICDMW58026.2022.00078"},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"3201","DOI":"10.14778\/3681954.3681994","article-title":"LLM-PBE: Assessing Data Privacy in Large Language Models","volume":"17","author":"Li","year":"2024","journal-title":"Proc. VLDB Endow."},{"key":"ref_40","unstructured":"Li, H., Chen, Y., Luo, J., Kang, Y., Zhang, X., Hu, Q., Chan, C., and Song, Y. (2023). Privacy in Large Language Models: Attacks, Defenses and Future Directions. arXiv."},{"key":"ref_41","unstructured":"Feretzakis, G., and Verykios, V.S. (2024). Trustworthy AI: Securing Sensitive Data in Large Language Models. arXiv."},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Al-kfairy, M., Mustafa, D., Kshetri, N., Insiew, M., and Alfandi, O. (2024). Ethical Challenges and Solutions of Generative AI: An Interdisciplinary Perspective. Informatics, 11.","DOI":"10.2139\/ssrn.4833030"},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"4","DOI":"10.1186\/s40543-024-00416-6","article-title":"Artificial Intelligence and Quantum Cryptography","volume":"15","author":"Radanliev","year":"2024","journal-title":"J. Anal. Sci. Technol."},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Radanliev, P., De Roure, D., and Santos, O. (2023). Red Teaming Generative AI\/NLP, the BB84 Quantum Cryptography Protocol and the NIST-Approved Quantum-Resistant Cryptographic Algorithms. arXiv.","DOI":"10.31224\/3230"},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Zhang, R., Du, H., Niyato, D., Kang, J., Xiong, Z., Jamalipour, A., Zhang, P., and Kim, D.I. (2024). Generative AI for Space-Air-Ground Integrated Networks. IEEE Wirel. Commun., 1\u201311.","DOI":"10.1109\/MWC.016.2300547"},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Zhang, R., Du, H., Liu, Y., Niyato, D., Kang, J., Xiong, Z., Jamalipour, A., and Kim, D.I. (2024). Generative AI Agents with Large Language Model for Satellite Networks via a Mixture of Experts Transmission. IEEE J. Sel. Areas Commun., 1.","DOI":"10.1109\/JSAC.2024.3459037"},{"key":"ref_47","unstructured":"Brand, M., and Pradel, G. (2024, October 20). Practical Privacy-Preserving Machine Learning Using Homomorphic Encryption. Available online: https:\/\/eprint.iacr.org\/2023\/1320.pdf."},{"key":"ref_48","doi-asserted-by":"crossref","unstructured":"Krasadakis, P., Sakkopoulos, E., and Verykios, V.S. (2024). A Survey on Challenges and Advances in Natural Language Processing with a Focus on Legal Informatics and Low-Resource Languages. Electronics, 13.","DOI":"10.3390\/electronics13030648"}],"container-title":["Information"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2078-2489\/15\/11\/697\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T16:27:59Z","timestamp":1760113679000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2078-2489\/15\/11\/697"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,4]]},"references-count":48,"journal-issue":{"issue":"11","published-online":{"date-parts":[[2024,11]]}},"alternative-id":["info15110697"],"URL":"https:\/\/doi.org\/10.3390\/info15110697","relation":{},"ISSN":["2078-2489"],"issn-type":[{"value":"2078-2489","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,11,4]]}}}