SA-ADP: Sensitivity-Aware Adaptive Differential Privacy for Large Language Models

📅 2025-12-01
🤖 AI Summary
To address the tension between PII privacy leakage and utility degradation caused by differential privacy (DP) in large language model (LLM) training, this paper proposes a sensitivity-aware adaptive DP training framework. Unlike DP-SGD—which applies uniform noise across all parameters—our method introduces a fine-grained PII sensitivity assessment mechanism that enables token- and sample-level adaptive noise allocation: stronger noise is injected into highly sensitive PII tokens, while low-sensitivity regions receive significantly reduced perturbation. Experiments on four benchmark datasets demonstrate that our approach achieves strong privacy guarantees (ε = 2–4), comparable to standard DP-SGD, while preserving model utility—measured by perplexity and downstream task accuracy—nearly unchanged, substantially outperforming uniform-noise baselines. The core contribution lies in being the first to integrate fine-grained sensitivity modeling into DP-based LLM training, thereby breaking the longstanding privacy–utility trade-off bottleneck.

📝 Abstract
Despite advances in the use of large language models (LLMs) in downstream tasks, their ability to memorize information has raised privacy concerns. Therefore, protecting personally identifiable information (PII) during LLM training remains a fundamental challenge. Conventional methods like Differential Privacy-Stochastic Gradient Descent (DP-SGD) provide robust privacy protection via uniform noising, protecting PII regardless of its distinct sensitivity. This comes at the expense of the model's utility, leading to a trade-off. In this paper, we propose SA-ADP, a sensitivity-aware approach that allocates noise based on the sensitivity of individual PII. We evaluated our method on four datasets (ABCD, CUSTOMERSIM, Wikitext-2, and UNSW-NB15). Our results show that SA-ADP achieves results comparable to the baseline (No-DP) and the conventional DP-SGD. This means that our method did not degrade the model's utility while still maintaining strong privacy protection.

Problem

Research questions and friction points this paper is trying to address.

Protects PII in LLM training with adaptive noise
Addresses privacy-utility trade-off in differential privacy
Allocates noise based on individual PII sensitivity

Innovation

Methods, ideas, or system contributions that make the work stand out.

Adaptive noise allocation based on PII sensitivity
Maintains model utility while ensuring privacy
Outperforms uniform noising in DP-SGD

Stella Etuk
School of Information Technology, Carleton University
Ashraf Matrawy
Professor, Carleton University
ML in network Security, IoT, 5G Security