In this work, we address the problem of text anonymization where the goal is to prevent adversaries from correctly inferring private attributes of the author, while keeping the text utility, i.e., meaning and semantics. We propose IncogniText, a technique that anonymizes the text to mislead a potential adversary into predicting a wrong private attribute value. Our empirical evaluation shows a reduction of private attribute leakage by more than 90% across 8 different private attributes. Finally, we demonstrate the maturity of IncogniText for real-world applications by distilling its anonymization capability into a set of LoRA parameters associated with an on-device model. Our results show the possibility of reducing privacy leakage by more than half with limited impact on utility.
View on arXiv@article{frikha2025_2407.02956,
title={ IncogniText: Privacy-enhancing Conditional Text Anonymization via LLM-based Private Attribute Randomization },
author={ Ahmed Frikha and Nassim Walha and Krishna Kanth Nakka and Ricardo Mendes and Xue Jiang and Xuebing Zhou },
journal={arXiv preprint arXiv:2407.02956},
year={ 2025 }
}