Privacy Policies (PII)
Overview
Privacy policies enable the detection, redaction, or sanitization of sensitive PII in real-time.
Types of PII Supported
Personally Identifiable Information (PII) is information that could potentially identify a specific individual or organization.DynamoGuard currently supports the following set of PII in addition to custom specified regex-based entities.
| Class Name | Description | Example(s) |
|---|---|---|
| CREDIT_CARD | Credit card information, including Credit Card number, expiration, and CVV. | "6504 8764 7593 8248" |
| EMAIL_ADDRESS | Any email address to which email addresses can be delivered | "jane_doe@org.com", "jane_doe [at] org [dot] com" |
| IBAN_CODE | International Bank Account Number (IBAN) | "FR650154264610QJGP3UHAJDJ02" |
| LOC | Location reference, including full and partial street addresses, city, state, and country names, coordinates, and landmarks. | "The United States", "Central Park", "123 Main St", "JFK" |
| ORG | Name of an organization, including companies and institutions. | "OpenAI", "OPEC", "SEC" |
| PASSPORT | Passport number issued by any country. | "604876475", "Q24219489" |
| PERSON | Person’s full or partial name, including titles | "Eric", "Jane Doe", "Parker" |
| PHONE_NUMBER | Telephone or fax numbers | "961-770-7727" |
| US_SSN | US Social Security Numbers | "865-50-6891" |
PII Policy Actions
DynamoGuard currently supports the following actions for PII policies.
- Flag: allow user inputs and model outputs containing PII, but flag input or output in moderator view
- Block: block user inputs or model outputs containing detected PII
- Redaction: redact PII from user inputs before they are passed to the model or redact PII in model outputs before the response reaches the end-user
- example:
- input: ‘My name is John Doe’
- redacted input (passed to model): ‘My name is <PERSON>
- example:
- Sanitization: sanitize PII from user inputs before they are passed to the model and de-sanitize any PII contained in the initial input from the model’s response.
- example:
- input: ‘My name is John Doe and my brother’s name is Jacob Doe’
- sanitized input (passed to model): ‘My name is <PERSON-1> and my brother’s name is <PERSON-2>’
- raw model response: ‘Hello <PERSON-1>, I hope you and <PERSON-2> are doing well’
- de-sanitized response (given to user): ‘Hello John Doe, I hope you and Jacob Doe are doing well’
- example:
Custom PII (Coming Soon)
Coming soon.