To address privacy leakage risks in semantic communication over eavesdropping channels, this paper proposes the first end-to-end semantic communication framework embedded with rigorous differential privacy (DP). Methodologically, it employs GAN-based inversion to disentangle semantic features; designs differentiable neural networks to approximate DP-compliant noise injection and denoising—overcoming the irreversibility of conventional DP at the semantic level; and integrates differentiable neural encryption to enhance channel-input security. Its key contributions are: (i) the first systematic incorporation of provably strong DP guarantees into the semantic communication pipeline, and (ii) a privacy-fidelity joint optimization mechanism achieving Pareto-optimal trade-offs at the semantic level. Experiments demonstrate that, under diverse privacy budgets and channel conditions, the framework degrades eavesdroppers’ reconstructed images to severe distortion or chaos (PSNR < 15 dB), while legitimate users consistently achieve high-fidelity reconstruction (PSNR > 28 dB).

Semantic communication (SemCom) improves transmission efficiency by focusing on task-relevant information. However, transmitting semantic-rich data over insecure channels introduces privacy risks. This paper proposes a novel SemCom framework that integrates differential privacy (DP) mechanisms to protect sensitive semantic features. This method employs the generative adversarial network (GAN) inversion technique to extract disentangled semantic features and uses neural networks (NNs) to approximate the DP application and removal processes, effectively mitigating the non-invertibility issue of DP. Additionally, an NN-based encryption scheme is introduced to strengthen the security of channel inputs. Simulation results demonstrate that the proposed approach effectively prevents eavesdroppers from reconstructing sensitive information by generating chaotic or fake images, while ensuring high-quality image reconstruction for legitimate users. The system exhibits robust performance across various privacy budgets and channel conditions, achieving an optimal balance between privacy protection and reconstruction fidelity.