Abstract
Detecting personally identifiable information (PII) in user queries is critical for ensuring privacy in question-answering systems. Current approaches mainly redact all PII, disregarding the fact that some of them may be contextually relevant to the user's question, resulting in a degradation of response quality. Large language models (LLMs) might be able to help determine which PII are relevant, but due to their closed source nature and lack of privacy guarantees, they are unsuitable for sensitive data processing. To achieve privacy-preserving PII detection, we propose CAPID, a practical approach that fine-tunes a locally owned small language model (SLM) that filters sensitive information before it is passed to LLMs for QA. However, existing datasets do not capture the context-dependent relevance of PII needed to train such a model effectively. To fill this gap, we propose a synthetic data generation pipeline that leverages LLMs to produce a diverse, domain-rich dataset spanning multiple PII types and relevance levels. Using this dataset, we fine-tune an SLM to detect PII spans, classify their types, and estimate contextual relevance. Our experiments show that relevance-aware PII detection with a fine-tuned SLM substantially outperforms existing baselines in span, relevance and type accuracy while preserving significantly higher downstream utility under anonymization.
Abstract (translated)
在用户查询中检测个人可识别信息(PII)对于确保问答系统中的隐私至关重要。目前的方法主要是在忽略某些PII可能对用户的提问具有上下文相关性的情况下对其进行屏蔽,这导致了响应质量的下降。大型语言模型(LLM)或许能够帮助判断哪些PII是相关的,但由于它们封闭源代码性质和缺乏隐私保障,这些模型不适合处理敏感数据。为了实现保护隐私的PII检测,我们提出了CAPID,一种实用的方法,通过微调本地拥有的小型语言模型(SLM),在将信息传递给LLMs进行问答之前过滤掉敏感信息。 然而,现有的数据集没有捕捉到训练此类模型所需的上下文依赖的相关性。为了解决这一问题,我们提出了一种合成数据生成管道,利用大型语言模型产生一个多样且领域丰富的数据集,涵盖多种PII类型和相关程度级别。使用这个数据集,我们将SLM微调以检测PII片段、分类其类型并估计上下文相关性。 我们的实验显示,基于微调后的SLM的相关性感知PII检测在片段准确性、相关性和类型准确性方面显著优于现有的基线模型,并且在匿名化后保持了更高的下游效用。
URL
https://arxiv.org/abs/2602.10074
