Dual Protection Ring: User Profiling Via Differential Privacy and Service Dissemination Through Private Information Retrieval

📅 2025-06-16
🤖 AI Summary
User profiling enables personalized services but introduces severe privacy risks, including behavioral tracking, device fingerprinting, and profile reconstruction attacks. To address these threats, we propose a dual-loop collaborative privacy-preserving framework: (1) On the client side, we employ differential privacy to generate perturbed profiles, integrating dynamic profile entropy control and data evaporation mechanisms to achieve attribute-level controllable privacy decay; (2) On the server side, we adopt a multi-variant private information retrieval (PIR) scheme to enable on-demand service access while preserving end-to-end privacy. To our knowledge, this is the first dual-loop defense framework explicitly designed under formal behavioral attack modeling. Evaluated in an advertising recommendation scenario, our approach achieves latency comparable to baseline methods while reducing sensitive attribute leakage risk by 92.7%, demonstrating significantly enhanced robustness against diverse profiling attacks.

📝 Abstract
User profiling is crucial in providing personalised services, as it relies on analysing user behaviour and preferences to deliver targeted services. This approach enhances user experience and promotes heightened engagement. Nevertheless, user profiling also gives rise to noteworthy privacy considerations due to the extensive tracking and monitoring of personal data, potentially leading to surveillance or identity theft. We propose a dual-ring protection mechanism to protect user privacy by examining various threats to user privacy, such as behavioural attacks, profile fingerprinting and monitoring, profile perturbation, etc., both on the user and service provider sides. We develop user profiles that contain sensitive private attributes and an equivalent profile based on differential privacy for evaluating personalised services. We determine the entropy of the resultant profiles during each update to protect profiling attributes and invoke various processes, such as data evaporation, to artificially increase entropy or destroy private profiling attributes. Furthermore, we use different variants of private information retrieval (PIR) to retrieve personalised services against differentially private profiles. We implement critical components of the proposed model via a proof-of-concept mobile app to demonstrate its applicability over a specific case study of advertising services, which can be generalised to other services. Our experimental results show that the observed processing delays with different PIR schemes are similar to those of current advertising systems.
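To make the client-side ring concrete, here is an added illustration (not code from the paper or its proof-of-concept app) of the three pieces the abstract names: a differentially private perturbed profile, per-attribute entropy measured over successive updates, and data evaporation that destroys an attribute whose reported history has collapsed. The randomized-response mechanism, the entropy threshold and the sample profile are assumptions chosen for the example, not the paper's actual parameters.

```python
import math
import random
from collections import Counter

# Constructed toy profile and attribute domains (not the paper's data).
SAMPLE_PROFILE = {"age_band": "25-34", "city": "sydney", "interest": "sports"}
DOMAINS = {
    "age_band": ["18-24", "25-34", "35-44", "45+"],
    "city": ["sydney", "melbourne", "perth"],
    "interest": ["sports", "travel", "finance", "music"],
}

def randomized_response(value, domain, epsilon, rng):
    """k-ary randomized response: report the true value with probability
    e^eps / (e^eps + k - 1), otherwise a uniformly chosen other value.
    This satisfies eps-local differential privacy per attribute (assumed mechanism)."""
    k = len(domain)
    p_true = math.exp(epsilon) / (math.exp(epsilon) + k - 1)
    if rng.random() < p_true:
        return value
    return rng.choice([v for v in domain if v != value])

def perturb_profile(profile, domains, epsilon, rng):
    """Build the 'equivalent' perturbed profile sent to the service provider."""
    return {a: randomized_response(v, domains[a], epsilon, rng) for a, v in profile.items()}

def shannon_entropy(values):
    """Entropy (bits) of the empirical distribution of reported values."""
    n = len(values)
    return -sum(c / n * math.log2(c / n) for c in Counter(values).values())

def run_updates(profile, domains, epsilon, rounds, rng):
    """Simulate repeated profile updates; returns per-attribute report history."""
    history = {a: [] for a in profile}
    for _ in range(rounds):
        for attr, reported in perturb_profile(profile, domains, epsilon, rng).items():
            history[attr].append(reported)
    return history

def evaporate(history, threshold):
    """Data evaporation (assumed rule): an attribute whose report history has
    entropy below the threshold is too easily reconstructed, so it is destroyed.
    Returns (kept_history, destroyed_attributes)."""
    kept, destroyed = {}, []
    for attr, reports in history.items():
        if shannon_entropy(reports) < threshold:
            destroyed.append(attr)
        else:
            kept[attr] = reports
    return kept, destroyed
```

With a large epsilon the reports repeat the true value, entropy tends to zero and the attribute evaporates; a small epsilon keeps entropy high at the cost of service accuracy, which is the trade-off the abstract's entropy control is meant to manage.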
Problem

Research questions and friction points this paper is trying to address.

Protecting user privacy in profiling via differential privacy
Preventing behavioral attacks and profile fingerprinting threats
Enhancing private information retrieval for personalized services
Innovation

Methods, ideas, or system contributions that make the work stand out.

Dual-ring protection via differential privacy
Private information retrieval for service dissemination
Data evaporation to increase profile entropy
Imdad Ullah
USYD, UNSW Sydney AU, Data61| CSIRO
Privacy, Data analytics, LLMs, Blockchain, IoT
Najm Hassan
Higher Colleges of Technology, United Arab Emirates (UAE)
Tariq Ahamed Ahangar
Management Information Systems Department, College of Business Administration, Prince Sattam bin Abdulaziz University, Al-Kharj 16278, Saudi Arabia
Zawar Hussain Shah
Department of Information Technology, Sydney International School of Technology and Commerce, Sydney NSW 2000, Australia
Mehregan Mahdavi
Kingsford Institute of Higher Education (KIHE), Sydney NSW 2000, Australia
Andrew Levula
School of Business, Excelsia College, Sydney NSW 2113, Australia