PII Detection
The Semantic Privacy Guard™ scans every incoming memory for personally identifiable information (PII) and redacts it before storage.
On this page
How It Works
When a memory is submitted for storage, the Semantic Privacy Guard scans the raw content against a registry of regex patterns. Each pattern targets a specific PII category. When a match is found:
- The matched text is replaced with a typed placeholder
- A SHA-256 hash of the original value is recorded for forensic audit
- The match metadata (type, position, sensitivity level) is logged
- The PII count and risk score are updated
Detection Categories
The standard detection registry includes 12+ pattern categories:
Email addresses
Phone numbers
Credit card numbers
Social security numbers
API keys & tokens
IP addresses
URLs
Dates of birth
Physical addresses
Driver's license numbers
Passport numbers
Bank account numbers
Note
Redaction Format
Detected PII is replaced with typed placeholders that preserve the semantic structure of the content:
Input: "Contact me at [email protected] or 555-0123"
Output: "Contact me at [EMAIL_REDACTED] or [PHONE_REDACTED]"Placeholders follow the format [TYPE_REDACTED], where TYPE matches the detection category (EMAIL, PHONE, SSN, CARD, etc.).
Forensic Hashing
Each redacted value is hashed with SHA-256. This enables:
- Audit — Verify that a specific value was redacted without retaining it
- Deduplication — Detect if the same PII appears across multiple memories
- Compliance — Provide evidence of data minimization practices
The original value is never stored. Only the hash is retained.
Aggressive Mode
When aggressive_sanitize=Trueis set, the sanitizer applies additional protections:
- Strips proper nouns (names that don’t match known entities)
- Provides anti-inference protection against entity linking attacks
- Trades content fidelity for stronger privacy
Warning
Audit Output
Every sanitization operation produces a structured result:
{
"sanitization_details": {
"pii_count": 2,
"risk_score": 0.45,
"is_safe": true,
"items_removed": 2
}
}The risk_score (0.0–1.0) reflects the density and sensitivity of detected PII. Higher scores indicate more sensitive content was processed.
Limitations
Honest Limitations
- Detection is regex-based, not NLP/ML-based
- Context-dependent PII (e.g., "my doctor is Dr. Smith") may not be caught without aggressive mode
- Non-English PII patterns may have lower coverage
- Custom patterns require Enterprise license
- The sanitizer processes content before encryption — it operates on plaintext