DAVE: A Policy-Enforcing LLM Spokesperson for Secure Multi-Document Data Sharing

• URL: http://arxiv.org/abs/2602.17413v1
• Date: Thu, 19 Feb 2026 14:43:48 GMT
• Title: DAVE: A Policy-Enforcing LLM Spokesperson for Secure Multi-Document Data Sharing
• Authors: René Brinkhege, Prahlad Menon,
• Abstract summary: DAVE is a usage policy-enforcing spokesperson that answers questions over private documents on behalf of a data provider.<n>We formalize policy-violating information disclosure in this setting, drawing on usage control and information flow security.<n>Our contribution is primarily architectural: we do not yet implement or empirically evaluate the full enforcement pipeline.
• Score: 0.0
• License: http://creativecommons.org/licenses/by-nc-nd/4.0/
• Abstract: In current inter-organizational data spaces, usage policies are enforced mainly at the asset level: a whole document or dataset is either shared or withheld. When only parts of a document are sensitive, providers who want to avoid leaking protected information typically must manually redact documents before sharing them, which is costly, coarse-grained, and hard to maintain as policies or partners change. We present DAVE, a usage policy-enforcing LLM spokesperson that answers questions over private documents on behalf of a data provider. Instead of releasing documents, the provider exposes a natural language interface whose responses are constrained by machine-readable usage policies. We formalize policy-violating information disclosure in this setting, drawing on usage control and information flow security, and introduce virtual redaction: suppressing sensitive information at query time without modifying source documents. We describe an architecture for integrating such a spokesperson with Eclipse Dataspace Components and ODRL-style policies, and outline an initial provider-side integration prototype in which QA requests are routed through a spokesperson service instead of triggering raw document transfer. Our contribution is primarily architectural: we do not yet implement or empirically evaluate the full enforcement pipeline. We therefore outline an evaluation methodology to assess security, utility, and performance trade-offs under benign and adversarial querying as a basis for future empirical work on systematically governed LLM access to multi-party data spaces.

Related papers

• Smart Privacy Policy Assistant: An LLM-Powered System for Transparent and Actionable Privacy Notices [3.914632811815449]
  Most users agree to online privacy policies without reading or understanding them, even though these documents govern how personal data is collected, shared, and monetized.<n>This paper presents the Smart Privacy Policy Assistant, an LLM-powered system that automatically ingests privacy policies, extracts and categorizes key clauses, assigns human-interpretable risk levels, and generates clear, concise explanations.<n>We describe the end-to-end pipeline, including policy ingestion, clause categorization, risk scoring, and explanation generation, and propose an evaluation framework based on clause-level accuracy, policy-level risk agreement, and user comprehension.
  arXiv  Detail & Related papers  (2026-01-09T23:42:59Z)
• Doc-PP: Document Policy Preservation Benchmark for Large Vision-Language Models [13.70855540464427]
  We introduce Doc-PP, a novel benchmark constructed from real-world reports requiring reasoning across heterogeneous visual and textual elements under strict non-disclosure policies.<n>Our evaluation highlights a systemic Reasoning-Induced Safety Gap: models frequently leak sensitive information when answers must be inferred through complex synthesis or aggregated across modalities.<n>We propose DVA, a structural inference framework that decouples reasoning from policy verification.
  arXiv  Detail & Related papers  (2026-01-07T13:45:39Z)
• PolicyBot - Reliable Question Answering over Policy Documents [0.0]
  This work presents PolicyBot, a retrieval-augmented generation (RAG) system designed to answer user queries over policy documents.<n>The system combines domain-specific semantic chunking, multilingual dense embeddings, multi-stage retrieval with reranking, and source-aware generation to provide responses grounded in the original documents.
  arXiv  Detail & Related papers  (2025-11-17T15:26:10Z)
• Analyzing and Internalizing Complex Policy Documents for LLM Agents [53.14898416858099]
  Large Language Model (LLM)-based agentic systems rely on in-context policy documents encoding diverse business rules.<n>This motivates developing internalization methods that embed policy documents into model priors while preserving performance.<n>We introduce CC-Gen, an agentic benchmark generator with Controllable Complexity across four levels.
  arXiv  Detail & Related papers  (2025-10-13T16:30:07Z)
• MAGPIE: A dataset for Multi-AGent contextual PrIvacy Evaluation [54.410825977390274]
  Existing benchmarks to evaluate contextual privacy in LLM-agents primarily assess single-turn, low-complexity tasks.<n>We first present a benchmark - MAGPIE comprising 158 real-life high-stakes scenarios across 15 domains.<n>We then evaluate the current state-of-the-art LLMs on their understanding of contextually private data and their ability to collaborate without violating user privacy.
  arXiv  Detail & Related papers  (2025-06-25T18:04:25Z)
• Unified Multimodal Interleaved Document Representation for Retrieval [57.65409208879344]
  We propose a method that holistically embeds documents interleaved with multiple modalities.<n>We merge the representations of segmented passages into one single document representation.<n>We show that our approach substantially outperforms relevant baselines.
  arXiv  Detail & Related papers  (2024-10-03T17:49:09Z)
• Robust Utility-Preserving Text Anonymization Based on Large Language Models [80.5266278002083]
  Anonymizing text that contains sensitive information is crucial for a wide range of applications.<n>Existing techniques face the emerging challenges of the re-identification ability of large language models.<n>We propose a framework composed of three key components: a privacy evaluator, a utility evaluator, and an optimization component.
  arXiv  Detail & Related papers  (2024-07-16T14:28:56Z)
• DOCBENCH: A Benchmark for Evaluating LLM-based Document Reading Systems [99.17123445211115]
  We introduce DocBench, a benchmark to evaluate large language model (LLM)-based document reading systems. Our benchmark involves the recruitment of human annotators and the generation of synthetic questions. It includes 229 real documents and 1,102 questions, spanning across five different domains and four major types of questions.
  arXiv  Detail & Related papers  (2024-07-15T13:17:42Z)
• EROS: Entity-Driven Controlled Policy Document Summarization [16.661448437719464]
  We propose to enhance the interpretability and readability of policy documents by using controlled abstractive summarization. We develop PD-Sum, a policy-document summarization dataset with marked privacy-related entity labels. Our proposed model, EROS, identifies critical entities through a span-based entity extraction model and employs them to control the information content of the summaries.
  arXiv  Detail & Related papers  (2024-02-29T21:44:50Z)
• Privacy-Aware Document Visual Question Answering [44.82362488593259]
  This work highlights privacy issues in state of the art multi-modal LLM models used for DocVQA. We propose a large scale DocVQA dataset comprising invoice documents and associated questions and answers. We demonstrate that non-private models tend to memorise, a behaviour that can lead to exposing private information.
  arXiv  Detail & Related papers  (2023-12-15T06:30:55Z)
• PolicyQA: A Reading Comprehension Dataset for Privacy Policies [77.79102359580702]
  We present PolicyQA, a dataset that contains 25,017 reading comprehension style examples curated from an existing corpus of 115 website privacy policies. We evaluate two existing neural QA models and perform rigorous analysis to reveal the advantages and challenges offered by PolicyQA.
  arXiv  Detail & Related papers  (2020-10-06T09:04:58Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.