This work addresses the copyright and privacy risks posed by unauthorized scraping of web-scale multimodal data for training large vision-language models (LVLMs) by proposing MMGuard, a pre-training active defense mechanism. MMGuard generates imperceptible perturbations that render data samples non-learnable, thereby disrupting cross-modal alignment and inducing optimization shortcuts. Consequently, any unauthorized fine-tuning on such protected data leads to severe performance degradation during inference when the perturbations are absent. The method is theoretically grounded and exhibits strong transferability across models. Extensive evaluations across six datasets and nine open-source LVLMs demonstrate that MMGuard provides effective, stealthy, and robust data protection under white-box, gray-box, and black-box threat models.

The rapid advancement of Large Vision-Language Models (LVLMs) is increasingly accompanied by unauthorized scraping and training on multimodal web data, posing severe copyright and privacy risks to data owners. Existing countermeasures, such as machine unlearning and watermarks, are inherent post-hoc approaches that act only after intellectual property infringement has already occurred. In this work, we propose MMGuard to empower data owners to proactively protect their multimodal data against unauthorized LVLM fine-tuning. MMGuard generates unlearnable examples by injecting human-imperceptible perturbations that actively exploit the learning dynamics of LVLMs. By minimizing the training loss, the perturbation creates an optimization shortcut, causing the model to overfit to the noise and thereby degrading downstream performance when the perturbation is absent during inference. To further strengthen this defense, MMGuard introduces a cross-modal binding disruption, strategically shifting LVLM attention to enforce a spurious correlation between the noise and the training target with theoretical guarantees. Enhanced by an ensemble learning strategy for cross-model transferability, MMGuard is evaluated against nine open-source LVLMs across six datasets. Our comprehensive results demonstrate effective, stealthy, and robust protection under white-box, gray-box, and black-box threat models, establishing a mechanistic advantage in proactively defending against aggressive fine-tuning exploitation.