TY - GEN
T1 - An In-Depth Investigation of Data Collection in LLM App Ecosystems
AU - Wu, Yuhao
AU - Jaff, Evin
AU - Yang, Ke
AU - Zhang, Ning
AU - Iqbal, Umar
N1 - Publisher Copyright:
© 2025 Owner/Author.
PY - 2025/10/15
Y1 - 2025/10/15
N2 - LLM app (tool) ecosystems are rapidly evolving to support sophisticated use cases that often require extensive user data collection. Given that LLM apps are developed by third parties, and that anecdotal evidence indicates inconsistent policy enforcement by LLM platforms, sharing user data with these apps presents significant privacy risks. In this paper, we aim to bring transparency to the data practices of LLM app ecosystems. We examine OpenAI's GPT app ecosystem as a case study. We propose an LLM-based framework to analyze the natural language specifications of GPT Actions (custom tools) and assess their data collection practices. Our analysis reveals that Actions collect excessive data across 24 categories and 145 data types, with third-party Actions collecting 6.03% more data on average. We find that several Actions violate OpenAI's policies by collecting sensitive information, such as passwords, which OpenAI explicitly prohibits. Lastly, we develop an LLM-based privacy policy analysis framework to automatically check the consistency of data collection by Actions against the disclosures in their privacy policies. Our measurements indicate that disclosures for most of the collected data types are omitted, with only 5.8% of Actions clearly disclosing their data collection practices.
KW - large language models
KW - llm platforms
KW - llm tools
KW - privacy
KW - security
KW - third-party applications
UR - https://www.scopus.com/pages/publications/105021399786
U2 - 10.1145/3730567.3732912
DO - 10.1145/3730567.3732912
M3 - Conference contribution
AN - SCOPUS:105021399786
T3 - Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC
SP - 150
EP - 170
BT - IMC 2025 - Proceedings of the 2025 ACM Internet Measurement Conference
PB - Association for Computing Machinery
T2 - 25th ACM Internet Measurement Conference, IMC 2025
Y2 - 31 October 2025 through 31 October 2025
ER -