MosaicLeaks: Can your research agent keep a secret?

Deep research agents that combine private documents with external web searches risk leaking sensitive information through their query patterns, a phenomenon called the "mosaic effect." A new benchmark, MosaicLeaks, was created to measure this risk by using multi-hop questions that require both private and public information. Across tested models, agents frequently leaked private data, and training for better task performance actually increased the leakage. A proposed reinforcement learning method called Privacy-Aware Deep Research (PA-DR) successfully reduces this information leakage while also improving overall task success.