Deploying Privacy Guardrails for LLMs: A Comparative Analysis of Real-World Applications
Shubhi Asthana, Bing Zhang, Ruchi Mahindru, Chad DeLuca, Anna Lisa Gentile, Sandeep Gopisetty
TL;DR
The paper tackles privacy risks in LLM-driven systems and regulatory compliance, proposing OneShield Privacy Guard as a scalable guardrail to detect and mitigate PII in prompts and model outputs. It analyzes two real-world deployments: Deployment 1 in Data and Model Factory for multilingual enterprise governance achieving a $0.95$ F1 across 26 languages with low latency, and Deployment 2 in PR Insights achieving an average F1 of $0.86$ with substantial manual effort reduction (≈$300$ hours) and productivity gains. Comparative results show OneShield outperforming StarPII and Presidio in coverage and accuracy, with context-aware detection and dynamic policy actions enabling compliant and ethical AI usage. The work highlights the importance of context-sensitive entity recognition, policy-driven masking, and a balanced automation-human-in-the-loop approach, setting a path toward multimodal privacy safeguards and standardized multilingual benchmarks.
Abstract
The adoption of Large Language Models (LLMs) has revolutionized AI applications but poses significant challenges in safeguarding user privacy. Ensuring compliance with privacy regulations such as GDPR and CCPA while addressing nuanced privacy risks requires robust and scalable frameworks. This paper presents a detailed study of OneShield Privacy Guard, a framework designed to mitigate privacy risks in user inputs and LLM outputs across enterprise and open-source settings. We analyze two real-world deployments:(1) a multilingual privacy-preserving system integrated with Data and Model Factory, focusing on enterprise-scale data governance; and (2) PR Insights, an open-source repository emphasizing automated triaging and community-driven refinements. In Deployment 1, OneShield achieved a 0.95 F1 score in detecting sensitive entities like dates, names, and phone numbers across 26 languages, outperforming state-of-the-art tool such as StarPII and Presidio by up to 12\%. Deployment 2, with an average F1 score of 0.86, reduced manual effort by over 300 hours in three months, accurately flagging 8.25\% of 1,256 pull requests for privacy risks with enhanced context sensitivity. These results demonstrate OneShield's adaptability and efficacy in diverse environments, offering actionable insights for context-aware entity recognition, automated compliance, and ethical AI adoption. This work advances privacy-preserving frameworks, supporting user trust and compliance across operational contexts.
