<![CDATA[Mobile large language models (LLMs) are also being deployed to smartphones and edge devices to offer conversational help, summarization, and task automation (specifically personalized). Nonetheless, this move to on-device intelligence presents some new issues concerning the privacy and safety of users, especially when models are subjected to adversarial inputs. The challenge is in the inadequate knowledge on the impact of such safety guardrails like rule-based filters, content classifiers, and moderation layers on privacy behavior under targeted attacks. This research fills this gap by creating an adversarial evaluation system that analytically studies the compromising of safety and privacy in mobile LLM guardrail design. The framework uses systematized categories of attacks in the form of prompt injection, memorization and deanonymization to test the effects of different guardrail architecture in system behavior under realistic mobile conditions. The experiments performed on compressed LLMs have shown that, in addition to the beneficial effects of the cascaded moderator architecture to reduce harmful outputs, contextual leakage can also occur due to the verbose refusal responses. On the other hand, the auxiliary safety models are relatively balanced in their performance with low privacy leakage and safety compliance. The findings point to the importance of co-optimization of guardrail mechanisms to both provides safety and privacy instead of seeing this as a protective or stand-alone element. This study finds that adversarial privacy assessment should be part of the development of mobile LLAMs, and as such, designs and deployments ought to incorporate this concept, which will allow the development of privacy-aware and regulation-compatible guardrails of trusted AI in edge devices.]]>
