Because the “PII Map” (the link between ID:1 and John Smith) effectively is the PII, we treat it as sensitive material.
The library includes a crypto module that forces AES-256-GCM encryption for the mapping table. The raw PII never leaves the local memory space, and the state object that persists between the masking and rehydration steps is encrypted at rest.
I've bookmarked this for inspiration for a medium/long term project I am considering building. I'd like to be able to take dumps of our production database and automatically (one way) anonymize it. Replacing all names with meaningless but semantically representative placeholders (gender matching where obvious - Alice, Bob, Mallory, Eve, Trent perhaps, and gender neutral like Jamie or Alex when suitable). Use similar techniques to rewrite email addresses (alice@example.org, bob@example.com, mallory@example.net) and addresses/placenames/whatever else can be pulled out with Named Entity Recognition. I suspect I'll in general be able to do a higher accuracy version of this, since I'll have an understanding of the database structure and we're already in the process of adding metadata about table and column data sensitivity. I will definitely be checking out the regexes and NER models used here.
That sounds interesting! I've been thinking about using representative placeholders as well, but while they have their strengths, there are also some downsides. We decided to go with an XML tag also because it clearly identifies the anonymized text as being anonymized (for humans) so mixups don't happen.
After reading your comment I think it would also be really interesting to be able to add custom metadata to the tags. Like if you have a username that you want to anonymize, but your database has additional (deterministic) information like the gender, we should add a callback for you as the user to add this information to the tag.
My hope is it means it assigns coded identifiers and the key remains local. When the document returns, the identifiers can be restored. So the PII itself never leaves the premises.
If I were a bad actor, I'd use things like this to gather people together and/or empty out places.
But... Chicago has a long history of doing anything but actually trying to solve their problems. Suing faceless entities/corporations seems to be the m.o.
Suing other states for not having good enough gun laws because guns surely can only come from other states, things like that. (I'm going off memory here and just had my first coffee).
I'm a little older than you (mid fifties) and back in my day we couldn't have walkmans/headphones on inside the school. I walked so in the winter I would wear headphones instead of earmuffs/hats (had to rock that 80's hair) and got in trouble all the time. Like one step in the building and busted.
I think the biggest barrier to a phone ban being more widely adopted is parents. My wife works in the front office of a middle school and parents lose their minds if a kid gets their phone taken away. "But but but what if I NEED to get ahold of my kid during the day?". Umm... You ask the school to get your kid? I dunno seems pretty straightforward.
Then again I'm in an affluent area where moms against liberty (as I call them) are prevalent so maybe it's just the people here?
reply