![[2602.10139] Anonymization-Enhanced Privacy Protection for Mobile GUI Agents: Available but Invisible](https://arxiv.org/static/browse/0.3.4/images/arxiv-logo-fb.png){kind=logo}
[2602.10139] Anonymization-Enhanced Privacy Protection for Mobile GUI Agents: Available but Invisible
Summary
The paper presents a novel framework for enhancing privacy protection in mobile GUI agents by anonymizing sensitive data while maintaining usability, addressing significant privacy risks associated with current systems.
Why It Matters
As mobile GUI agents become increasingly integrated into daily tasks, ensuring user privacy is paramount. This research proposes a solution that balances the need for functionality with the protection of sensitive information, which is crucial in today's data-driven environment.
Key Takeaways
- Introduces an anonymization-based framework for mobile GUI agents.
- Ensures sensitive data remains usable but invisible to cloud-based agents.
- Utilizes a layered architecture for consistent privacy protection.
- Demonstrates significant reduction in privacy leakage with minimal utility loss.
- Provides a practical solution for enhancing user privacy in mobile applications.
Computer Science > Cryptography and Security arXiv:2602.10139 (cs) [Submitted on 8 Feb 2026 (v1), last revised 14 Feb 2026 (this version, v2)] Title:Anonymization-Enhanced Privacy Protection for Mobile GUI Agents: Available but Invisible Authors:Lepeng Zhao, Zhenhua Zou, Shuo Li, Zhuotao Liu View a PDF of the paper titled Anonymization-Enhanced Privacy Protection for Mobile GUI Agents: Available but Invisible, by Lepeng Zhao and Zhenhua Zou and Shuo Li and Zhuotao Liu View PDF HTML (experimental) Abstract:Mobile Graphical User Interface (GUI) agents have demonstrated strong capabilities in automating complex smartphone tasks by leveraging multimodal large language models (MLLMs) and system-level control interfaces. However, this paradigm introduces significant privacy risks, as agents typically capture and process entire screen contents, thereby exposing sensitive personal data such as phone numbers, addresses, messages, and financial information. Existing defenses either reduce UI exposure, obfuscate only task-irrelevant content, or rely on user authorization, but none can protect task-critical sensitive information while preserving seamless agent usability. We propose an anonymization-based privacy protection framework that enforces the principle of available-but-invisible access to sensitive data: sensitive information remains usable for task execution but is never directly visible to the cloud-based agent. Our system detects sensitive UI content using a PII-aware recog...