Brain Surgery: Ensuring GDPR Compliance in Large Language Models via Concept Erasure

Michele Laurelli
2024-09-23
Abstract: As large-scale AI systems proliferate, ensuring compliance with data privacy laws such as the General Data Protection Regulation (GDPR) has become critical. This paper introduces Brain Surgery, a transformative methodology for making every local AI model GDPR-ready by enabling real-time privacy management and targeted unlearning. Building on advanced techniques such as Embedding-Corrupted Prompts (ECO Prompts), blockchain-based privacy management, and privacy-aware continual learning, Brain Surgery provides a modular solution that can be deployed across various AI architectures. This tool not only ensures compliance with privacy regulations but also empowers users to define their own privacy limits, creating a new paradigm in AI ethics and governance.
Artificial Intelligence
What problem does this paper attempt to address?
The main problem this paper attempts to solve is ensuring that large language models (LLMs) comply with the General Data Protection Regulation (GDPR), especially the requirements of the "right to be forgotten". With the popularization of large-scale AI systems, it is crucial to ensure that these systems abide by data privacy regulations. Traditional methods such as retraining or global adjustment of models are often computationally expensive and may affect model performance. Therefore, this paper proposes a new method named "Brain Surgery", which aims to make local AI models comply with GDPR in the following ways:

1. **Real-time privacy management and targeted forgetting**: Brain Surgery selectively removes unwanted data by using Embedding-Corrupted Prompts (ECO Prompts), while maintaining the overall performance of the model.
2. **Modular solution**: Provide a modular framework that can be deployed on various AI architectures, supporting edge devices and cloud-based environments.
3. **Blockchain-supported privacy management**: Use blockchain technology to record and verify "right to be forgotten" requests, ensuring the transparency and immutability of deletion operations.
4. **User-defined privacy preferences**: Allow users to set their own privacy limits, such as data retention time and exclusion of specific types of information.

### Formula analysis

1. **Mathematical representation of ECO Prompts**: Let \( e_c \in \mathbb{R}^d \) represent the embedding vector of concept \( c \), where \( d \) is the dimension of the embedding space. The goal is to iteratively modify this embedding so that the model's association with concept \( c \) is weakened while maintaining the integrity of the surrounding embedding space. The formula for generating the corrupted embedding \( e'_c \) is:

   \[ e'_c = e_c - \alpha \cdot \nabla_{e_c} L(e_c) \]

   where \( L(e_c) \) is a loss function that measures the impact of concept \( c \) on the model output, and \( \alpha \) is a step size that controls the degree of corruption. To ensure that the modified embedding remains within the feasible region, a normalization step is applied:

   \[ e'_c = \frac{e'_c}{\|e'_c\|} \]

2. **Conflict score evaluation**: The conflict score \( S_c \) is used to measure whether the unlearning process has affected the consistency of related concepts. Let \( X_r \) represent the set of related concepts and \( X_u \) represent the set of unwanted concepts. After applying the Brain Surgery method to remove \( X_u \), the conflict score is defined as:

   \[ S_c = \frac{1}{|X_r|} \sum_{x_r \in X_r} 1(f(x_r) = y_r) \]

   where \( f(x_r) \) represents the model's output for the related concept \( x_r \), \( y_r \) is the expected correct output, and \( 1(\cdot) \) is an indicator function that takes the value 1 when the model output is consistent with the expectation.

3. **Objective function for privacy-aware continual learning**: In a privacy-aware continual learning system, for each input sample \( x \) with features \( x \in \mathbb{R}^n \), the system evaluates whether it contains sensitive information through the privacy-protection objective function \( L_p(x) \):

   \[ L_p(x) = \lambda \cdot \|x_{\text{sensitive}}\|^2 \]

   where \( x_{\text{sensitive}} \) represents the subset of features identified as sensitive, and \( \lambda \) is a regularization parameter that controls the strength of the penalty on sensitive data.

In summary, Brain Surgery provides an efficient, flexible, and transparent method that enables large language models to dynamically adapt to the requirements of privacy regulations and gives users more.
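The update rule, normalization step and conflict score above can be traced end to end on a small constructed model. This is an added example, not code from the paper: the three-dimensional embeddings, the `READOUT` labels, the tokens, and the choice \( L(e_c) = (w \cdot e_c)^2 \) are all assumptions made for illustration.

```python
import math

def dot(a, b):
    return sum(x * y for x, y in zip(a, b))

def normalize(v):
    n = math.sqrt(dot(v, v))
    return [x / n for x in v]

def corrupt_embedding(e_c, grad_loss, alpha, steps):
    """Repeat e'_c = e_c - alpha * grad L(e_c), then e'_c / ||e'_c||."""
    e = list(e_c)
    for _ in range(steps):
        e = normalize([x - alpha * g for x, g in zip(e, grad_loss(e))])
    return e

def conflict_score(f, related):
    """S_c = (1/|X_r|) * sum over (x_r, y_r) of 1(f(x_r) == y_r)."""
    return sum(1 for x_r, y_r in related if f(x_r) == y_r) / len(related)

# Constructed toy model (assumption): a prompt is a tuple of tokens, its
# representation is the sum of token embeddings, and the output is the label
# whose readout direction scores highest.
READOUT = {"person": [1.0, 0.0, 0.0], "geo": [0.0, 1.0, 0.0], "food": [0.0, 0.0, 1.0]}

def make_model(emb):
    def f(prompt):
        s = [sum(emb[t][i] for t in prompt) for i in range(3)]
        return max(READOUT, key=lambda label: dot(READOUT[label], s))
    return f

# Assumed loss: L(e_c) = (w . e_c)^2, the squared "person" readout of concept c.
def loss(e):
    return dot(READOUT["person"], e) ** 2

def grad_loss(e):
    w = READOUT["person"]
    return [2 * dot(w, e) * wi for wi in w]

EMB = {"alice": normalize([0.9, 0.3, 0.1]), "paris": [0.0, 1.0, 0.0], "pizza": [0.0, 0.0, 1.0]}
RELATED = [(("paris",), "geo"), (("pizza",), "food"),
           (("alice", "paris"), "geo"), (("alice", "pizza"), "food")]

def run(alpha=0.2, steps=10):
    erased = dict(EMB, alice=corrupt_embedding(EMB["alice"], grad_loss, alpha, steps))
    before, after = make_model(EMB), make_model(erased)
    return {"loss_before": loss(EMB["alice"]), "loss_after": loss(erased["alice"]),
            "norm_after": math.sqrt(dot(erased["alice"], erased["alice"])),
            "unwanted_before": before(("alice",)), "unwanted_after": after(("alice",)),
            "S_c": conflict_score(after, RELATED)}
```

Calling `run()` returns the loss before and after erasure, the norm of the corrupted embedding, the model output for the unwanted prompt, and \( S_c \) over the related prompts, so an erasure request can be checked for both effectiveness and collateral damage.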