Create an obfuscation agent to protect sensitive student PII #11
Description
In production, no real student names and other PII should be sent to 3rd party LLM API endpoints. Functionality needs to be built that will detect real names, map and replace the real name with Faker names, then filter the LLM response and use the map to re-insert the real name into the locally rendered response.
Here is a simplified workflow of what happens now and what should happen.
Now
- User: "What homework does John need to complete tonight?"
- Application: Search database for students with the first name Johnny -> returns Johnny Jones and all info
- Application: Search homework API for Johnny Jones's homework assignments -> Returns Math and Reading assignment
- Application: Prompt LLM to answer the question and provide all of Johnny Jone's context.
- LLM Server -> Johnny Jones has Math and Reading homework tonight
Proposed enhancement
- User: "What homework does John need to complete tonight?"
- Application: Search database for students with the first name Johnny -> returns Johnny Jones and all info
- Application: Search homework API for Johnny Jones's homework assignments -> Returns Math and Reading assignment
- Application: Map Johnny Jones to Faker() created name Matthew McReed.
- Application: Prompt LLM to answer the question and provide all of Matthew McReed's context.
- LLM Server -> Matthew McReed has Math and Reading homework tonight
- Application ->
Matthew McReedJohnny Jones has Math and Reading homework tonight
A middleware-styled class needs to sit between the LLM call and the server retrieval logic, detecting potential PII through an NLP model like spaCy, maps PII to a Faker generated name, and then replacing the Faker name with PII once the response is returned from the server.