arXiv:2605.26433v1 Announce Type: new 
Abstract: Large language model (LLM) summarization systems may pass compact vector representations of private inputs to downstream retrieval, monitoring, audit, or analytic workflows. Even when source documents remain access-restricted, derived vectors may be handled under different access controls and still support sensitive-information inference, creating a residual information-disclosure risk. We study this issue in clinical discharge-summary generation as a high-stakes case study, using electronic health record (EHR)-recorded race as a controlled sensitive-label audit. We audit two artifacts that a system might retain or expose to downstream components: the final prompt-token hidden state and the mean-pooled prompt representation. Our results show that reducing recoverability of the case-study sensitive label from one exported artifact does not necessarily reduce recoverability from another. As a mitigation case study, we introduce SurfaceLoRA, an exported-vector-targeted parameter-efficient fine-tuning method that uses a gradient-reversal discriminator attached to a designated exported vector. Under a balanced five-way probing protocol, SurfaceLoRA reduces EHR-recorded race recoverability from the targeted final-token artifact toward chance while preserving summarization utility, yet recoverability remains substantially higher from untargeted pooled artifacts. These findings show that privacy auditing and mitigation should be performed on the exact vector artifact retained or exposed to downstream components.

أظهرت الأبحاث الحديثة المخاطر المرتبطة بأنظمة تلخيص نماذج اللغة الكبيرة (LLM)، خاصة فيما يتعلق بكيفية تعرضها عن غير قصد لمعلومات حساسة من خلال تمثيلات متجهة. تركز هذه الدراسة على توليد ملخصات الخروج السريرية، باستخدام العرق كعلامة حساسة لتدقيق إمكانية استرداد هذه البيانات من القطع الأثرية المصدرة.

Investigaciones recientes han destacado los riesgos asociados con los sistemas de resumen de modelos de lenguaje de gran tamaño (LLM), especialmente en cómo pueden exponer inadvertidamente información sensible a través de representaciones vectoriales. Este estudio se centra en la generación de resúmenes de alta relevancia clínica, utilizando la raza como una etiqueta sensible para auditar la recuperabilidad de tales datos a partir de artefactos exportados.

Des recherches récentes ont mis en évidence les risques associés aux systèmes de résumé utilisant des modèles de langage de grande taille (LLM), en particulier en ce qui concerne l'exposition involontaire d'informations sensibles à travers des représentations vectorielles. Cette étude se concentre sur la génération de résumés de sortie clinique, en utilisant la race comme étiquette sensible pour auditer la récupérabilité de ces données à partir d'artefacts exportés.

Recent research has highlighted the risks associated with large language model (LLM) summarization systems, particularly in how they may inadvertently expose sensitive information through vector representations. This study focuses on clinical discharge-summary generation, using race as a sensitive label to audit the recoverability of such data from exported artifacts.

Vectors Are Not Neutral: Sensitive-Information Inference from Exported LLM Representations in Summarization

Was this article worth reading? Share it

Ready to build your own newsroom?