Implement Privacy-First Anonymization Layer for CRM Data Protection
Privacy-First Anonymization Layer Implementation
Summary
Implement reversible data anonymization using Presidio to protect customer CRM data before sending to LLM providers. This addresses enterprise security concerns and enables regulated industry customers while maintaining AI functionality.
Business Context
- Problem: Customer CRM data (names, deals, contact info) currently sent directly to OpenAI/Anthropic
- Impact: Enterprise security reviews, compliance concerns, limited market reach
- Solution: Reversible anonymization - LLMs never see real customer data, but AI functionality preserved
Technical Approach
Library: Microsoft Presidio + LangGraph workflow pattern
Pattern: Anonymize → LLM Processing → De-anonymize → User Response
Data Flow - Before (Current)
Slack Input → [RAW PII] → Teacher Planning → [RAW PII] → Student Execution → [RAW PII] → Database Storage
↓
All customer data exposed to LLM providers
Data Flow - After (With Anonymization)
Slack Input → [ANONYMIZE] → Teacher Planning → [ANONYMIZE] → Student Execution → [DE-ANONYMIZE] → User Response
↓
[ANONYMIZED] → Database Storage
Implementation Plan
Phase 1: Student Agent (Highest Impact)
File: arc-agent/student/student_agent.py
Method: synthesize_results()
- Anonymize Salesforce query results before LLM synthesis
- De-anonymize final results for user presentation
Phase 2: Teacher Agent (Planning Protection)
File: arc-agent/teacher/teacher_agent.py
Method: clarify_intent_and_success()
- Anonymize user queries containing customer names/deals
- Preserve business context while protecting PII
Phase 3: Conversation Storage
File: arc-agent/slack_bot/handlers.py
Method: handle_conversation_message()
- Store anonymized conversation transcripts
- Maintain customer privacy in database
New Component Structure
arc-agent/
├── privacy/
│ ├── __init__.py
│ ├── anonymizer.py # Main anonymization logic
│ ├── entity_configs.py # CRM-specific PII patterns
│ └── presidio_setup.py # Presidio configuration
CRM Entity Definitions
- Account Names: "ACME Corp" → "Enterprise Client A"
- Deal Values: "$2.5M renewal" → "$X renewal"
- Contact Info: Real emails/phones → Faker-generated
- Opportunity Names: Specific deals → Generic business terms
Technical Considerations
- Memory State: Ensure anonymization mappings persist across Temporal workflow steps
- Error Handling: Robust fallback if anonymization fails mid-workflow
- Performance: ~10-50ms additional processing per query result
- Database: Add
anonymization_versiontracking fields
Success Criteria
- [ ] Customer PII never sent to external LLM providers
- [ ] AI functionality preserved (anonymized data maintains business context)
- [ ] Reversible process (real data restored for user responses)
- [ ] Enterprise security review ready
- [ ] Customer-facing privacy documentation
Priority: High
Rationale: Core requirement for enterprise sales, regulatory compliance, and customer trust. Transforms biggest privacy risk into competitive advantage.
Estimated Effort: 2-3 weeks
Dependencies: Presidio library, entity pattern definitions
This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗