This work addresses the privacy leakage risk in deep learning inference arising from unauthorized reuse of input data by unintended models for other tasks. It proposes a model-specific representation learning approach that operates without pixel-level reconstruction loss. Built upon a variational autoencoding framework, the method integrates task-driven cross-entropy supervision with KL regularization and introduces a gradient saliency-guided dynamic binary mask to selectively suppress latent dimensions irrelevant to the target classification task. Evaluated on CIFAR-100, the approach maintains high accuracy for the designated classifier while reducing the accuracy of all non-target classifiers to below 2%, achieving a suppression ratio exceeding 45×. The method demonstrates strong generalization across multiple datasets and, to the best of our knowledge, is the first to effectively prevent cross-model transfer of feature representations without relying on reconstruction loss.

As deep learning inference is increasingly deployed in shared and cloud-based settings, a growing concern is input repurposing, in which data submitted for one task is reused by unauthorized models for another. Existing privacy defenses largely focus on restricting data access, but provide limited control over what downstream uses a released representation can still support. We propose a feature extraction framework that suppresses cross-model transfer while preserving accuracy for a designated classifier. The framework employs a variational latent bottleneck, trained with a task-driven cross-entropy objective and KL regularization, but without any pixel-level reconstruction loss, to encode inputs into a compact latent space. A dynamic binary mask, computed from per-dimension KL divergence and gradient-based saliency with respect to the frozen target model, suppresses latent dimensions that are uninformative for the intended task. Because saliency computation requires gradient access, the encoder is trained in a white-box setting, whereas inference requires only a forward pass through the frozen target model. On CIFAR-100, the processed representations retain strong utility for the designated classifier while reducing the accuracy of all unintended classifiers to below 2%, yielding a suppression ratio exceeding 45 times relative to unintended models. Preliminary experiments on CIFAR-10, Tiny ImageNet, and Pascal VOC provide exploratory evidence that the approach extends across task settings, although further evaluation is needed to assess robustness against adaptive adversaries.