Inspiration

We were inspired by the growing concern that even the most innovative AI systems often come at the cost of user privacy. From leaking personal identifiers in prompts to uploading sensitive images to the cloud, these risks are pervasive. We wanted to build something that doesn't just talk about AI privacy, but embeds it into the system design.

What it does

PAC (Personal AI-Privacy Capsule) is a cross-platform privacy layer that runs entirely on-device. It preprocesses user inputs, such as text, images, and even location, to detect and sanitize Personally Identifiable Information (PII), sends only the cleaned content to cloud-based AI services, and then reconstructs the original context locally after receiving the AI response. It also provides audit logging, CSV export, and optional proof-of-deletion receipts backed by a TTL vault using Redis. This prevents any raw PII from leaving the user’s control.

How we built it

We built PAC as a modular system with:

  • A FastAPI backend (Python) that handles PII detection, proxying AI calls, and receipt issuance.
  • A React Native frontend using Expo Go, allowing rapid cross-platform mobile testing.
  • PII detection using regex (for text) and OpenCV Haar cascades (for images).
  • Receipts cryptographically signed with HMAC-SHA256, with a TTL vault maintained via Redis.
  • Local execution by default, with remote API calls tunneled through Cloudflare for safe external device testing.

Challenges we ran into

Expo Go limitations: We couldn’t directly use certain native modules due to the constraints of the Expo runtime. We worked around this by redesigning our image blur and audit features to be asynchronous and declarative.

Mapping PII back into AI responses: This required deterministic placeholder logic that wouldn’t break multi-line or creative completions—especially with LLM hallucinations.
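The placeholder round trip described above, as an added example that is not PAC's own code: the two regex detectors, the `[KIND_N]` token shape, and the `sanitize`/`restore` names are assumptions made for illustration. It shows repeated values reusing one token, multi-line responses being restored, and tokens the model invented being reported instead of silently mapped.

```python
import re

# Assumed detectors; the write-up only says text PII is found with regex.
PATTERNS = {
    "EMAIL": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "PHONE": re.compile(r"\+?\d[\d\s().-]{7,}\d"),
}
# Assumed token shape [KIND_N]; brackets stop [EMAIL_1] matching inside [EMAIL_10].
TOKEN = re.compile(r"\[(?:%s)_\d+\]" % "|".join(PATTERNS))


def sanitize(text):
    """Return (clean_text, mapping); the mapping stays on the device."""
    mapping, seen = {}, {}  # token -> value, (kind, value) -> token

    def swap(kind):
        def _sub(match):
            key = (kind, match.group(0))
            if key not in seen:  # same value always gets the same token
                n = sum(1 for k in seen if k[0] == kind) + 1
                seen[key] = f"[{kind}_{n}]"
                mapping[seen[key]] = match.group(0)
            return seen[key]
        return _sub

    for kind, pattern in PATTERNS.items():
        text = pattern.sub(swap(kind), text)
    return text, mapping


def restore(response, mapping):
    """Return (text, unknown): unknown lists tokens the model made up."""
    unknown = []

    def _back(match):
        if match.group(0) not in mapping:
            unknown.append(match.group(0))
        return mapping.get(match.group(0), match.group(0))

    return TOKEN.sub(_back, response), unknown


if __name__ == "__main__":
    # Constructed sample prompt and model reply.
    clean, vault = sanitize("Mail jane.doe@example.com or call +1 415 555 0100.")
    print(clean)
    print(restore("Contact:\n[EMAIL_1]\n[PHONE_1]\nAlt: [EMAIL_2]", vault))
```

A non-empty `unknown` list is a signal to surface to the user or the audit log, since the response refers to a value that was never in the prompt.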

Data persistence vs. deletion guarantees: Proving deletion was tricky without introducing trust assumptions, so we opted for signed, time-limited receipts using HMAC and Redis TTLs.

Accomplishments that we're proud of

  • Fully functional mobile app with a seamless user experience and zero-trust architecture.
  • On-device image privacy module is lightweight, fast, and works in real-time.
  • Receipt verification mechanism that is cryptographically sound and user-verifiable.

What we learned

  • How to design around zero-trust assumptions.
  • Deep dive into NER + computer vision redaction techniques for PII in text and images.
  • Balancing UX with security: users need transparency, but also control and simplicity.
  • Exposing APIs for a mobile frontend, understanding CORS and IP whitelisting.

What's next for PAC (Personal AI-Privacy Capsule)

  • Standalone build for iOS/Android to integrate more powerful image and file privacy modules beyond Expo Go.
  • Local LLM inference via on-device quantized models (e.g., GGUF format) for total offline privacy.
  • Secure multi-party computation (MPC) or homomorphic encryption (HE) for future-proofing external inference calls.
  • Real-world deployment in healthcare or legal use cases with full auditability and deletion receipts.
  • Community edition: Open-source templates for developers to plug PAC into their existing AI-powered apps.
