Privately

Privately Logo

Text Description

Privately is a Chrome extension that safeguards users from accidentally exposing sensitive information (such as personal identifiers, credentials, or code-related secrets) when submitting prompts to AI systems. It empowers developers, students, and knowledge workers to control what data leaves their browser, ensuring privacy and compliance without interrupting workflow.

Features & Functionality:

Smart PII Detection: Combines regex validators for structured identifiers (emails, phone numbers, NRIC, credit cards, etc.) with a fine-tuned DistilBERT-base-uncased model (via ONNX Runtime) for fuzzy entities like names and addresses.
Inline Redaction UI: Detected entities are displayed in-browser, with tooltips that allow quick actions — Remove, Replace with placeholder, Skip once, or Ignore all.
User Transparency & Control: All detection categories are configurable via an options dashboard, giving users full control over what is flagged.
Seamless Chrome Integration: Lightweight extension (Manifest V3) runs locally on any website before prompt submission.

Development Tools

IDE: VSCode
Notebook: Google Colab
Version Control: Git

APIs

FastAPI /detect Endpoint – Extension sends intercepted prompts to backend for model inference, receives detected PII spans + labels.

Assets

Names and Address dataset obtained online from https://data.gov.sg/

Libraries

FastAPI
Uvicorn
Onnxruntime
Transformers
Optimum

Problem Statement

As AI systems become integral to coding, learning, and professional workflows, users frequently paste raw code snippets, configs, or personal details into prompts. This creates a high risk of leaking sensitive data (e.g., NRIC, addresses, emails, API keys) to third-party AI providers. Privately addresses this by acting as a last line of defence: scanning prompts in real-time, detecting potential leaks (both structured and unstructured PII), and empowering the user to review/redact before submission

Demo video: https://youtu.be/SQ8Mu4-5KpU

Inspiration

Privately was inspired by a simple but risky habit: pasting code, configs, or personal data directly into AI tools like ChatGPT. As developers and students, we realised that we often include API keys, NRICs, or names in our prompts without thinking, and once submitted, that data could be stored on external servers forever. We wanted to create a simple, browser-native safety net that could prevent these accidental leaks before they happened.

What it does

Privately is a Chrome extension that acts as a real-time privacy guard for AI prompts. It scans every input field in the browser and detects sensitive information before it can be submitted. Structured PII such as emails, phone numbers, NRICs, credit cards, JWTs, and secrets are detected using regex validators, while fuzzier entities such as names and addresses are identified by a fine-tuned DistilBERT-base-uncased model. When something sensitive is found, the extension displays a tooltip with one-click actions that allow the user to remove the data, replace it with a placeholder, skip it once, or ignore the category entirely. Because all processing happens locally in the browser, no prompt data ever leaves the device.

How we built it

To build Privately, we first created a dataset by collecting multicultural names and Singapore-specific addresses from open sources like data.gov.sg. We then generated synthetic snippets that mixed natural text with code-like examples, and automatically labeled these snippets for training in JSONL format. Next, we fine-tuned the DistilBERT-base-uncased model for token classification using BIO tagging. After training, we exported the model to ONNX, quantized it to INT8, and integrated it with onnxruntime-web so it could run efficiently inside Chrome.

On the frontend, we built a Chrome Extension using Manifest V3 with vanilla JavaScript, HTML, and CSS. Regex scanning was implemented inside content scripts, and we designed the UI so that detected PII was highlighted inline with tooltips offering different actions. We then integrated the regex results with the model predictions using a custom merging function. Chrome Extension APIs such as storage, runtime messaging, and scripting were used to handle communication between the content scripts, background worker, and options dashboard.

Challenges we ran into

One of the biggest challenges we faced was data scarcity, since there are no public datasets of PII in code contexts. To overcome this, we had to generate synthetic but realistic training data. But also a lot of time is required to obtain a good set of data for training and at the same time test the user fronted features.

Accomplishments that we're proud of

We are proud of developing new technologies that we have not built on before. We definitely learn things along the way. As we built, we had to make decisions on choosing and trying frameworks. But having gone through the process, we are proud of the decisions we made. We are very happy that as a 2-person team, we tried our best to complete all the tasks within the time frame.

What we learned

We learn different frameworks as well as new concepts regarding machine learning and developing on web extensions. Through this project, we learned how important it is to balance technical innovation with practical usability. We discovered that effective solutions often require combining different approaches rather than relying on a single method. We also realized that designing for privacy is not only about accuracy but also about creating an experience that gives users clarity and control.

What's next for Privately

Looking ahead, we want to expand Privately to cover more categories of sensitive information, such as license plates. But improving the model and regex detection rate is the utmost priority, as accuracy is critical. We also plan to extend detection beyond English and Singapore-specific identifiers to support multiple languages and regions. We want to further refine the current features and possibly add more interesting features.