PrivacyGuard

Inspiration

Privacy policies average 18 minutes to read — and most women never do. After Roe v. Wade, period tracking apps were found sharing reproductive data with law enforcement. Dating apps expose precise GPS locations. Domestic abuse survivors unknowingly use apps their abusers exploit for surveillance. We built PrivacyGuard because every woman deserves to know in seconds whether an app is safe for her.

What It Does

PrivacyGuard for Women is a Chrome extension that instantly analyzes any website's privacy policy and generates a color-coded Privacy Nutrition Label — like food labels, but for your data.

• 🏷️ Privacy Nutrition Label — Red/Yellow/Green risk score showing data sold, user control, and all data collected
• 🔍 Digital Stalking Risk Score — flags real-time location sharing, activity monitoring, contact list access, and how hard it is to delete your account
• 🔦 Page Highlighter — highlights dangerous clauses red, tracking clauses yellow, and protective features green directly on the policy page
• ⚖️ Site Comparison — compare two sites side-by-side with a clear verdict on which is safer for women
• 📤 Share Warning Card — generate a downloadable PNG to warn your community

How We Built It

A Manifest V3 Chrome Extension in vanilla JavaScript — no frameworks, no external dependencies.

• Service worker detects privacy policy links in the DOM, fetches and strips the HTML to clean text, and calls the Gemini API
• Google Gemini 2.5 Flash analyzes the policy text and returns structured JSON with all scores and flags
• Content script injects color-coded highlights directly onto policy pages using regex pattern matching
• chrome.storage.local persists the last 5 analyses — no external server, all data stays on device

Challenges We Ran Into

• Windows Defender blocked creating a file named background.js (flagged as malware) — we renamed it backend.js and updated the manifest
• Sites blocking scraping — Facebook returned only 58 characters of policy text to unauthenticated fetches; fixed by using a content script to find the live policy URL from the DOM
• Gemini model versioning — gemini-1.5-flash and gemini-2.0-flash both had quota or availability issues mid-build; landed on gemini-2.5-flash on v1beta
• Inconsistent JSON from AI — solved by strict prompt rules and a cleanup step stripping accidental markdown backticks before parsing

Accomplishments That We're Proud Of

• Built a fully working Chrome extension in a single hackathon session
• The Digital Stalking Risk Score is genuinely unique — no other privacy tool asks "could someone use this app to stalk a woman?"
• The Page Highlighter makes dense legal text immediately scannable for anyone
• The warm, approachable UI design intentionally avoids the cold/clinical aesthetic of most security tools

What We Learned

• Chrome Manifest V3 service workers have no DOM access — everything requires careful message-passing between popup, content script, and backend
• AI prompt engineering is a real skill — consistent JSON output required very specific wording and strict output rules
• Women's digital safety is massively underserved in the privacy tools space — there's a real gap we're addressing

What's Next for PrivacyGuard

• Backend proxy server so users don't need their own API key
• Proactive scanning of all sites you visit with a weekly safety report
• Community-sourced privacy ratings database
• Mobile extension support for Safari on iOS

Built With

• chrome.storage
• css
• geminiapi
• html
• javascript
• python