AIAny
AI Model2026
Icon for item

Rampart

Detects and redacts personally identifiable information (PII) in user-typed text on-device, replacing sensitive values with stable placeholders before any data leaves the browser. Uses a small quantized ONNX token-classification model plus deterministic recognizers for structured identifiers, and applies a policy-driven keep-set for coarse geography.

Introduction

Keeping user-entered PII out of servers and logging pipelines is a pragmatic, high-impact privacy control for chat assistants and intake flows. Rampart's core insight is trading a tiny on-device model for a local-first guard that removes most sensitive tokens before they ever touch a provider, reducing the downstream blast radius of accidental data collection.

What Sets It Apart
  • Defense-in-depth pipeline: a recall-biased token-classification encoder works together with a deterministic recognizer (regex + checksum) so structured identifiers (SSNs, cards, emails, URLs, IPs) get near-deterministic coverage while names and free-form IDs get contextual model coverage.
  • Client-first, very small runtime: the shipped artifact is a quantized ONNX classifier designed to run in browsers (WASM/WebGPU) and Node, enabling redaction at the trust boundary rather than in back-end logs.
  • Conversation-aware placeholders: detected values are mapped to stable session placeholders (e.g. [GIVEN_NAME_1]) so assistants can send placeholders to models and locally rehydrate human-visible replies without transmitting raw PII.
  • Policy-driven retention: a default-deny policy redacts most sensitive fields while keeping coarse geography (city/state/ZIP) to preserve useful context for assistants.
Who It's For and Tradeoffs

Great fit if you need a lightweight, client-side PII scrubber for chatbots, form intake, analytics pre-filtering, or to reduce risk in telemetry. It helps teams enforce a simple keep/redact policy without server-side changes. Look elsewhere if your user base routinely types non-Latin scripts (Rampart is scoped to seven Latin-script languages) or you require a formal security boundary against motivated adversaries—adversarial evasion and some government-style IDs remain weaker without additional format validators. Integrators should also treat it as harm-reduction, not a sole compliance control, and complement it with server-side auditing and domain-specific guards where necessary.

Information

  • Websitehuggingface.co
  • OrganizationsNational Design Studio
  • Published date2026/06/28

Categories

More Items

Hugging Face
AI Model2026

Provides GGUF-quantized Inkling multimodal model weights for local image/audio-to-text and conversational inference. Includes quantization variants (example: 1-bit UD-IQ1_S), Apache-2.0 license, and compatibility with Unsloth Studio, vLLM and common inference stacks.

Hugging Face
AI Video2026

Generates a new camera viewpoint from a reference video: an IC‑LoRA adapter for LTX‑Video 2.3 that re‑renders the same scene from a requested discrete camera angle while preserving subject and content. Trained on synthetic multi‑view data, proof‑of‑concept with limited viewpoint range and best for small, chained angle shifts.

Hugging Face
AI Model2026

Runs a full 27B-class Qwen3.6-derived LLM in a ~7.2 GB ternary/2‑bit format for on-device or single‑GPU text generation, retaining ~95% of FP16 performance and supporting a 262K‑token context. Designed for laptop/GPU deployment; exceeds typical phone memory limits.