Overview

The data leakage policy detects and anonymizes Personally Identifiable Information (PII) and other types of sensitive data in text.

It targets sensitive data such as credit card numbers, names, locations, social security numbers, phone numbers, and financial data. For example:

Raw prompt: “My credit card number is 1234 5678 9012 3456.”

Prompt passed to LLM: “My credit card number is [REDACTED_CREDIT_CARD]”

This showcases the policy’s ability to identify and secure PII, keeping sensitive information confidential.

Guardrail details

The policy combines built-in entity detection with custom pattern options:

Built-in Entity Detection

  • Purpose: Identifies common PII types like CREDIT_CARD, EMAIL_ADDRESS, PHONE_NUMBER, etc.
  • Customization: Choose which entities to detect by specifying them in the entities section in the policy configuration.

Custom Pattern Detection

Custom patterns allow for more specific and tailored detection beyond the built-in entities. There are two types of custom patterns:

  1. Regex Patterns:
    • Use: Captures complex patterns not covered by standard entities.
    • Example: ZIP code identification.
    • Configuration: Use the regex key in the patterns section.
  2. Deny List:
    • Use: Blocks specific terms or phrases.
    • Example: Preventing titles like ‘Mr.’ or ‘Mrs.’.
    • Configuration: Defined under deny_list in the patterns section.

This configuration approach ensures that the PII Leakage policy is adaptable to various privacy requirements, effectively preventing unauthorized exposure of personal data.

Configuration

guardrails:
- type: pii-leakage
  detection:
    # Built-in entities
    entities:
    - CREDIT_CARD
    - EMAIL_ADDRESS
    - IBAN_CODE
    - IP_ADDRESS
    - LOCATION
    - PERSON
    - PHONE_NUMBER
    - MEDICAL_LICENSE
    - URL
    - DATE_TIME
    - CRYPTO
    - US_BANK_NUMBER
    - US_DRIVER_LICENSE
    - US_ITIN
    - US_PASSPORT
    - US_SSN
    
    # Custom entities based on regex or deny list
    patterns:
    - name: zip_code
      regex: "(\\b\\d{5}(?:\\-\\d{4})?\\b)"
    - name: title
      deny_list:
        - Mr.
        - Mrs.
        - Ms.
        - Miss
        - Dr.
        - Prof.
  action:
    type: override-response
    response: "[Response restricted due to PII content.]"

In this example, all supported built-in entities are being detected. Additionally, the first custom pattern (zip_code) uses a regex to identify ZIP codes, while the second custom pattern (title) employs a deny list to block specific titles.
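The two custom patterns from the configuration above, applied to a constructed sentence. This is an added example, not the product's implementation: the deny-list matching rules (literal, case-sensitive, whole-token) and the [REDACTED_<NAME>] placeholder for custom patterns are assumptions. It shows that the zip_code regex also flags any standalone five-digit number, such as an invoice number.

```python
import re

# Custom patterns copied from the configuration above.
PATTERNS = [
    {"name": "zip_code", "regex": "(\\b\\d{5}(?:\\-\\d{4})?\\b)"},
    {"name": "title", "deny_list": ["Mr.", "Mrs.", "Ms.", "Miss", "Dr.", "Prof."]},
]

# Constructed sample text, not real data.
SAMPLE = ("Dr. Lee, ship invoice 48213 to Springfield, IL 62704-1234. "
          "Miss Park is on a Mission.")


def term_regex(term):
    """Assumption: deny-list terms match literally, case-sensitively, as whole tokens."""
    # \b cannot follow a trailing ".", so use lookarounds on word characters instead.
    tail = r"(?!\w)" if term[-1].isalnum() else ""
    return r"(?<!\w)" + re.escape(term) + tail


def compile_pattern(pattern):
    """Turn one `patterns` entry (regex or deny_list) into a compiled regex."""
    if "regex" in pattern:
        return re.compile(pattern["regex"])
    return re.compile("|".join(term_regex(t) for t in pattern["deny_list"]))


def scan(text, patterns=PATTERNS):
    """Return (name, start, end, matched_text) for every hit, ordered by position."""
    hits = []
    for p in patterns:
        for m in compile_pattern(p).finditer(text):
            hits.append((p["name"], m.start(), m.end(), m.group(0)))
    return sorted(hits, key=lambda h: h[1])


def redact(text, patterns=PATTERNS):
    """Replace hits right to left so earlier offsets stay valid."""
    for name, start, end, _ in reversed(scan(text, patterns)):
        text = text[:start] + "[REDACTED_" + name.upper() + "]" + text[end:]
    return text


if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
    print(redact(SAMPLE))
```

The same patterns return no hits for the credit card prompt in the Overview, because its digits come in groups of four; that detection comes from the built-in CREDIT_CARD entity.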