Post #752

📖Copyright Risk in Production LLMs: New Evidence of Text Extraction A new paper, “Extracting books from production language models,” examines whether copyrighted training data can be extracted from closed, production-grade LLMs despite deployed safety measures. The authors test a two-phase method: an initial feasibility probe (sometimes using Best-of-N jailbreaks) followed by iterative continuation prompts, on Claude 3.7 Sonnet, GPT-4.1, Gemini 2.5 Pro, and Grok 3. Extraction success is measured using an nv-recall metric based on longest common substrings. The study finds that extraction remains possible. For Gemini 2.5 Pro and Grok 3, no jailbreak was required to extract substantial portions of "Harry Potter and the Sorcerer’s Stone" (nv-recall 76.8% and 70.3%). Claude 3.7 Sonnet and GPT-4.1 required jailbreaks; in some cases, jailbroken Claude produced near-verbatim outputs of entire books (nv-recall 95.8%). GPT-4.1 showed lower extraction success and eventually refused to continue after many attempts. The authors conclude that memorization and extractability of in-copyright text persist as risks in production LLMs, even with model- and system-level safeguards, keeping unresolved copyright and compliance questions squarely in scope. #AI#Copyright#LLMs#AIRegulation#GenerativeAI#IP