Popular AI chatbots such as Claude, Gemini, and ChatGPT can analyze data from spreadsheets and other uploaded files.You can upload spreadsheets and ask them to create summaries, find patterns, and more.I wanted to use ChatGPT to analyze my spending to see if it could find ways to save money, but I didn't want to upload my personal information to the cloud.
Using a PII-detection tool and a local LLM, I was able to strip away the personal information before I uploaded my files.Your bank statements reveal more than you think Obvious identifiers are only part of the risk There are some obvious details on a bank or credit card statement that I didn't want to upload to the cloud.My bank account number, name and address, and even partial card numbers are all pieces of information that I didn't want to be sharing unnecessarily.
None of this information is needed to analyze my spending.Beyond these obvious identifiers, however, financial statements contain many other details that can reveal information about you.For example, the details of normal transactions can potentially reveal where I shop, where I live, which doctor I visit, where my kids go to school, when I'm away from home and where I go, and the names of individuals I send payments to or receive payments from.
Uploading a bank statement with just the obvious details obscured may not be enough.If I want to maintain my privacy, I need to strip out a lot more.The good news is that I can do exactly that with a privacy tool and a local LLM running on a modest mini PC.
Presidio can strip out the details that are easy to spot The first pass handles names, contact details, and financial identifiers Presidio is an open-source framework for identifying and anonymizing personally identifiable information (PII).It can analyze extracted text for names, phone numbers, email addresses, locations, credit card numbers, and more.The detected text can then be replaced with placeholders such as [PERSON] or [PHONE_NUMBER] using Presidio's Anonymizer.
You can add custom recognizers directly as part of your request so that Presidio can also redact information that it might otherwise leave untouched.For example, you can add specific account reference formats so that matching references can also be replaced.I set up Presidio in a container on my mini PC.
The Presidio processing takes place locally on that machine, so the data does not need to be sent to a third-party service.Related I self-host my own private ChatGPT with this tool Running your own AI isn't only easy, it is a lot more cost effective if you already have a gaming PC.Posts 2 By Nick Lewis Transaction descriptions can give away a lot of information The most revealing details don't always look like PII The problem with using Presidio alone is that it may not catch everything.
Presidio's recognizers can miss things they have not been configured or trained to identify, but which could still expose personal or sensitive information.For example, a payment reference for a school trip may inadvertently expose the name of my children's school, while the name of a local club might be unique enough to reveal my location.Presidio can't understand the document in the same way an LLM can.
It relies on configured recognizers, including pattern matching and contextual rules, to identify text that may contain PII.If something falls outside those patterns, it won't be touched, even if it very obviously contains personal information.A local LLM can catch what Presidio leaves behind Clues to your identity can be replaced with useful labels Close This is where a local LLM can help.
LLMs can use context to spot potentially revealing text that Presidio might otherwise miss.For my use case, I could also prompt the model to replace sensitive text with useful placeholders.For example, if a transaction description includes the name of my dental practice, that could expose my location.
However, if the payee is simply replaced with "PAYEE," this isn't helpful when I want to analyze my spending.The most powerful AI in the world is going to struggle to give me useful spending advice if it can't tell what the money is actually being spent on.Using an LLM, I can replace the name of my dental practice with "dentist" or the name of my kids' school with "school." This gives ChatGPT enough information to work with, without exposing anything identifiable.
With a small local model running in Ollama on my mini PC and a carefully written prompt, I can identify and replace additional potentially identifying information before uploading the data to ChatGPT.This is where a local LLM really shines; you can upload sensitive data without worrying about where it might end up.It takes some time to run on my hardware, but it's not something that needs to work instantly.
Two privacy filters may still not be enough I always check the results myself The local LLM is there to catch details that have slipped past Presidio, but it can miss things, too.Even after running both passes, there's no guarantee that all of the PII has been stripped from my data.That's why once my data has run through both Presidio and my local LLM, I go over it myself, looking for anything that has been missed.
Only once I've checked the data personally am I comfortable that the risk of overlooked PII is low enough for me to upload the document to ChatGPT.Checking manually doesn't take too long, as I'm not uploading hundreds of documents at a time; when I analyze my spending, I'm usually only uploading one month's statements.Since most of the PII has already been caught, I usually only need to edit one or two things here and there to remove additional personal information.
ChatGPT doesn't need to know where I shop AI chatbots are incredibly useful, but it's easy to upload anything and everything to them without really thinking about it.I don't want sensitive financial data ending up on third-party servers, and while OpenAI already holds account and payment information that includes my name and contact details, it really doesn't need to know where I shop.
Read More