Aulafy
Courses/AI security and evaluation/Privacy, Logs, and Sensitive Data

Privacy, Logs, and Sensitive Data

Privacy breaks down in very ordinary places: saved prompts, overly complete logs, screenshots, vectors containing personal data, forwarded emails, or tools with broad permissions.

  • Reduce data before sending it to the model.
  • Separate useful logs from dangerous logs.
  • Design retention, anonymization, and review for educational or SMB apps.

What should not go into logs without thinking

  • Full prompts containing personal data.
  • Responses with contracts, invoices, or records.
  • Tokens, API keys, cookies, or headers.
  • Complete retrieved documents.
  • Original user audio when there is no clear need.

Minimum secure log

TerminalCode
{
  "request_id": "req_20260703_001",
  "user_role": "soporte",
  "tenant_id_hash": "6f2a...",
  "route": "/api/chat",
  "model": "qwen3:8b",
  "risk_flags": ["pii_detected", "rag_used"],
  "retrieved_document_ids": ["doc_123", "doc_456"],
  "answer_length": 842,
  "refused": false,
  "latency_ms": 1840
}

Filter before the model

TerminalCode
def redact(text):
    text = text.replace("API_KEY=", "API_KEY=[REDACTED]")
    # En producción usa detectores más serios para emails, teléfonos, DNI y secretos.
    return text

safe_prompt = redact(user_prompt)
response = model.generate(safe_prompt)