SRPG: Semantically Reconstructed Privacy Guard for Zero-Trust Privacy in Educational Multi-Agent Systems
Shuang Guo, Zihui Li
TL;DR
SRPG tackles privacy in educational multi-agent systems by decoupling private data from instructional content through a dual-stream reconstruction mechanism. It combines a Strict Sanitization Stream that guarantees zero PII leakage with a Context Reconstruction Stream that recovers essential mathematical context, enabling effective tutoring. Empirical evaluation on MathDial shows zero Attack Success Rate across backbones and strong math utility, with GPT-4o achieving 0.0000 ASR and 0.8267 Exact Match, surpassing baselines. The approach demonstrates a practical, future-proof method for protecting minors' privacy without sacrificing educational quality, with potential extensions to other domains.
Abstract
Multi-Agent Systems (MAS) with large language models (LLMs) enable personalized education but risk leaking minors' personally identifiable information (PII) via unstructured dialogue. Existing privacy methods struggle to balance security and utility: role-based access control fails on unstructured text, while naive masking destroys pedagogical context. We propose SRPG, a privacy guard for educational MAS, using a Dual-Stream Reconstruction Mechanism: a strict sanitization stream ensures zero PII leakage, and an LLM-driven context reconstruction stream recovers mathematical logic. This decouples instructional content from private data, preserving teaching efficacy. Tests on MathDial show SRPG works across models; with GPT-4o, it achieves 0.0000 Attack Success Rate (ASR) (zero leakage) and 0.8267 Exact Match, far outperforming the zero-trust Pure LLM baseline (0.2138). SRPG effectively protects minors' privacy without sacrificing mathematical instructional quality.
