Redaction Recommendations
SotsAI is designed to operate with minimal personal data. You do not need names, emails, or identifiers to generate high-quality behavioral reasoning.
This page explains what to redact, what to keep, and how to preserve signal while reducing privacy and security risks.
These recommendations apply primarily to the context_summary field sent to SotsAI.
Core principle
Section titled “Core principle”Describe behaviors, not identities.
SotsAI’s reasoning engine relies on:
- interaction patterns
- communication dynamics
- intent and constraints
It does not require:
- real names
- email addresses
- internal IDs
- company-specific secrets
What to remove (or replace)
Section titled “What to remove (or replace)”Before calling SotsAI, you should redact or generalize the following:
Direct identifiers
Section titled “Direct identifiers”- first and last names
- email addresses
- phone numbers
- usernames or internal IDs
Instead of
> “I need to give feedback to *John Smith* (john.smith@company.com)”Use
> “The user needs to give feedback to a direct report”Organization-specific data
Section titled “Organization-specific data”- internal project codenames
- customer names
- proprietary product details
- confidential financial information
Instead of
> “On Project Atlas for client ACME Corp…”Use
> “On a high-visibility client project…”Sensitive personal data
Section titled “Sensitive personal data”Avoid including:
- medical or mental health information
- legal or disciplinary records
- highly sensitive personal circumstances
If relevant, describe impact, not diagnosis.
Instead of
> “They are burned out and on medical leave”Use
> “They appear exhausted and disengaged, and are struggling to keep up”What to keep (this is the signal)
Section titled “What to keep (this is the signal)”Redaction should not remove what makes the situation meaningful.
You should keep:
Observable behaviors
Section titled “Observable behaviors”- what was said or done (at a high level)
- recurring patterns
- reactions (defensiveness, withdrawal, over-assertiveness)
Example:
> “When user gives direct feedback, their interlocutor becomes very quiet and avoid follow-up questions.”Intent and objective
Section titled “Intent and objective”Explain what the user is trying to achieve.
Example:
> “The user wants to improve quality without damaging trust.”Constraints and stakes
Section titled “Constraints and stakes”Time pressure, power dynamics, emotional risk, visibility.
Example:
> “This conversation affects a critical delivery and the ongoing relationship.”Recommended redaction patterns
Section titled “Recommended redaction patterns”Use role-based references
Section titled “Use role-based references”Replace names with roles:
- “user’s manager”
- “a peer”
- “a direct report”
- “a stakeholder”
This preserves power dynamics without identity.
Use temporal generalization
Section titled “Use temporal generalization”Avoid exact dates or timelines unless necessary.
Instead of
> “Last Friday at 3pm…”Use
> “Recently” or “In the last few weeks”Abstract direct quotes
Section titled “Abstract direct quotes”Do not include verbatim sensitive quotes unless required.
Instead of
> “They said: ‘You always micromanage me and never trust my work.’”Use
> “They accused user of micromanagement and lack of trust.”Automating redaction (recommended)
Section titled “Automating redaction (recommended)”For production systems, consider automated safeguards:
- regex-based removal of emails and phone numbers
- name detection and replacement
- allowlists for acceptable fields
- maximum length limits on summaries
If your system uses an LLM or rule-based processor before calling SotsAI, instruct it explicitly to:
- remove identifiers
- generalize roles
- summarize instead of quoting
Example: before vs after
Section titled “Example: before vs after”Before (not recommended)
Section titled “Before (not recommended)”> “I need help talking to Sarah Dupont (sarah.dupont@company.com), who works on Project Phoenix for our biggest client. She told me yesterday that she feels anxious and burned out.”After (recommended)
Section titled “After (recommended)”> “The user needs help talking to a direct report on a high-visibility project. The report appears anxious and disengaged, and the user wants to support them while maintaining delivery standards.”Why this matters
Section titled “Why this matters”Redaction:
- reduces privacy and compliance risk
- limits blast radius in case of logs or traces
- improves portability across environments
- aligns with enterprise data minimization principles
Well-redacted inputs often produce better advice, not worse.
Summary checklist
Section titled “Summary checklist”Before calling SotsAI:
- Names and emails removed
- Roles used instead of identities
- Sensitive data generalized
- Behaviors and intent preserved
- Summary is concise and signal-rich
SotsAI works best when it understands how people interact, not who they are.