Implement Privacy-First Anonymization Layer for CRM Data Protection

Resolved 💬 1 comment Opened Aug 22, 2025 by jbarnes850 Closed Aug 22, 2025

Privacy-First Anonymization Layer Implementation

Summary

Implement reversible data anonymization using Presidio to protect customer CRM data before sending to LLM providers. This addresses enterprise security concerns and enables regulated industry customers while maintaining AI functionality.

Business Context

  • Problem: Customer CRM data (names, deals, contact info) currently sent directly to OpenAI/Anthropic
  • Impact: Enterprise security reviews, compliance concerns, limited market reach
  • Solution: Reversible anonymization - LLMs never see real customer data, but AI functionality preserved

Technical Approach

Library: Microsoft Presidio + LangGraph workflow pattern
Pattern: Anonymize → LLM Processing → De-anonymize → User Response

Data Flow - Before (Current)

Slack Input → [RAW PII] → Teacher Planning → [RAW PII] → Student Execution → [RAW PII] → Database Storage
                ↓
        All customer data exposed to LLM providers

Data Flow - After (With Anonymization)

Slack Input → [ANONYMIZE] → Teacher Planning → [ANONYMIZE] → Student Execution → [DE-ANONYMIZE] → User Response
                                                   ↓
                                           [ANONYMIZED] → Database Storage

Implementation Plan

Phase 1: Student Agent (Highest Impact)

File: arc-agent/student/student_agent.py
Method: synthesize_results()

  • Anonymize Salesforce query results before LLM synthesis
  • De-anonymize final results for user presentation

Phase 2: Teacher Agent (Planning Protection)

File: arc-agent/teacher/teacher_agent.py
Method: clarify_intent_and_success()

  • Anonymize user queries containing customer names/deals
  • Preserve business context while protecting PII

Phase 3: Conversation Storage

File: arc-agent/slack_bot/handlers.py
Method: handle_conversation_message()

  • Store anonymized conversation transcripts
  • Maintain customer privacy in database

New Component Structure

arc-agent/
├── privacy/
│   ├── __init__.py
│   ├── anonymizer.py          # Main anonymization logic
│   ├── entity_configs.py      # CRM-specific PII patterns  
│   └── presidio_setup.py      # Presidio configuration

CRM Entity Definitions

  • Account Names: "ACME Corp" → "Enterprise Client A"
  • Deal Values: "$2.5M renewal" → "$X renewal"
  • Contact Info: Real emails/phones → Faker-generated
  • Opportunity Names: Specific deals → Generic business terms

Technical Considerations

  • Memory State: Ensure anonymization mappings persist across Temporal workflow steps
  • Error Handling: Robust fallback if anonymization fails mid-workflow
  • Performance: ~10-50ms additional processing per query result
  • Database: Add anonymization_version tracking fields

Success Criteria

  • [ ] Customer PII never sent to external LLM providers
  • [ ] AI functionality preserved (anonymized data maintains business context)
  • [ ] Reversible process (real data restored for user responses)
  • [ ] Enterprise security review ready
  • [ ] Customer-facing privacy documentation

Priority: High

Rationale: Core requirement for enterprise sales, regulatory compliance, and customer trust. Transforms biggest privacy risk into competitive advantage.

Estimated Effort: 2-3 weeks
Dependencies: Presidio library, entity pattern definitions

View original on GitHub ↗

This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗