This work addresses the vulnerability of privacy attributes—such as gender, age, and ethnicity—to adversarial inference in text anonymization. We propose a large language model–based conditional anonymization method that actively obfuscates sensitive attributes via a private-attribute randomization mechanism, preserving semantic fidelity while misleading adversaries into erroneous attribute predictions. Our key innovation is a lightweight, distillable architecture designed specifically for on-device LoRA deployment—marking the first approach to jointly enable efficient edge inference and strong privacy guarantees. Evaluated across eight privacy-sensitive attributes, our method reduces average attribute leakage by over 90%. Even under resource-constrained on-device LoRA deployment, it suppresses leakage by more than 50%, with negligible degradation in text fluency and semantic fidelity.

In this work, we address the problem of text anonymization where the goal is to prevent adversaries from correctly inferring private attributes of the author, while keeping the text utility, i.e., meaning and semantics. We propose IncogniText, a technique that anonymizes the text to mislead a potential adversary into predicting a wrong private attribute value. Our empirical evaluation shows a reduction of private attribute leakage by more than 90% across 8 different private attributes. Finally, we demonstrate the maturity of IncogniText for real-world applications by distilling its anonymization capability into a set of LoRA parameters associated with an on-device model. Our results show the possibility of reducing privacy leakage by more than half with limited impact on utility.