GeoShield: Safeguarding Geolocation Privacy from Vision-Language Models via Adversarial Perturbations

Vision-Language Models (VLMs) such as GPT-4o now demonstrate a remarkable ability to infer users' locations from public shared images, posing a substantial risk to geoprivacy. Although adversarial perturbations offer a potential defense, current methods are ill-suited for this scenario: they often perform poorly on high-resolution images and low perturbation budgets, and may introduce irrelevant semantic content. To address these limitations, we propose GeoShield, a novel adversarial framework designed for robust geoprivacy protection in real-world scenarios. GeoShield comprises three key modules: a feature disentanglement module that separates geographical and non-geographical information, an exposure element identification module that pinpoints geo-revealing regions within an image, and a scale-adaptive enhancement module that jointly optimizes perturbations at both global and local levels to ensure effectiveness across resolutions. Extensive experiments on challenging benchmarks show that GeoShield consistently surpasses prior methods in black-box settings, achieving strong privacy protection with minimal impact on visual or semantic quality. To our knowledge, this work is the first to explore adversarial perturbations for defending against geolocation inference by advanced VLMs, providing a practical and effective solution to escalating privacy concerns.

Key Contributions

• Feature disentanglement module that separates geographical from non-geographical image features to target perturbations precisely
• Exposure element identification module that localizes geo-revealing image regions for focused adversarial perturbation
• Scale-adaptive enhancement module jointly optimizing perturbations at global and local levels for effectiveness across image resolutions

🛡️ Threat Analysis

Details

Similar Papers