Please note: I ran out of time to do captions on the video and wasn't interested in doing a voice over. The console shows it works and you can also test it.
Inspiration
For years, analytics has operated with a tradeoff, insight at the cost of user privacy. As a marketer, I've grappled firsthand with analytics tools that felt invasive and ethically questionable. Cookie banners and vague promises of anonymized data didn't solve the fundamental issue: most analytics tools quietly collect identifiable information, compromising user trust.
Pythia emerged from my determination to prove that true privacy and powerful insights aren't mutually exclusive. Inspired by Apple’s differential privacy approach, I decided to bring client-side noise injection directly into web analytics giving businesses clear insights without ever seeing raw user data.
What it does
Pythia is the first analytics platform combining client-side differential privacy, real-time forecasting, and instant Slack anomaly alerts. It injects Laplace noise directly in the browser before sending data, ensuring users’ privacy is mathematically guaranteed. It then forecasts future traffic using Facebook’s open-source Prophet model, transparently reporting forecasting accuracy with a current MAPE of 9.8%. If traffic spikes or dips unexpectedly, Pythia immediately notifies your team via Slack. No raw data or personal identifiers involved.
How we built it
Client-Side Noise Injection: Every event tracked (pageview, conversion, etc.) has differential privacy noise added client-side. Users control privacy levels (ε), balancing insight and privacy.
Real-Time Forecasting with Prophet: Pythia runs automated forecasts on Fly.io using the Prophet forecasting library, achieving a remarkably accurate 9.8% MAPE even with noisy data. Forecasts update every few minutes and are seamlessly integrated into the dashboard.
Instant Anomaly Alerts: Real-time data is continuously monitored. When unusual activity occurs, alerts are sent immediately through Slack.
Pythia’s architecture uses Netlify Edge functions, Supabase for data storage, and a forecasting microservice deployed on Fly.io—ensuring a robust, scalable, and privacy-first analytics infrastructure.
Built With:
- TypeScript + React – front-end framework (Vite bundler)
- Tailwind CSS – lightweight styling
- Chart.js / react-chartjs-2 – time-series and bar charts
- Visx Heatmap – cohort-retention visualization
- Netlify Edge Functions – ingest API and dashboard endpoints
- Supabase (PostgreSQL + RLS) – event storage and row-level security
- Fly.io Machines – always-on VM running the forecasting service
- Python 3.11 + Facebook Prophet – automated time-series forecasts
- Slack Incoming-Webhook API – real-time anomaly alerts
- Differential-Privacy Laplace Mechanism – client-side noise injection
- SWR – React data-fetching with revalidation
- Vitest + MSW – unit tests and API mocking
- Docker – containerized forecast job
- GitHub Actions – CI / CD for lint, test, and Netlify deploy
Challenges we ran into
Data Accuracy with Privacy: Differential privacy introduces intentional noise, so balancing accuracy (low MAPE) and meaningful privacy guarantees was challenging. Extensive tuning was necessary to find the right balance.
Forecasting Noisy Data: Ensuring Prophet forecasts remained accurate despite injected noise required significant experimentation, data validation, and pipeline optimization.
Integrating Multiple Technologies: Coordinating client-side noise injection, Netlify functions, Fly.io forecasting, and Supabase database interactions demanded extensive debugging, patience, and perseverance.
Clear Communication of Privacy Concepts: Differential privacy concepts are complex. Creating clear documentation and intuitive dashboards to illustrate privacy benefits took considerable effort.
Accomplishments that we're proud of
- Achieving a MAPE of 9.8% despite client-side noise injection—demonstrating that accurate forecasting is compatible with rigorous privacy standards.
- Full-stack integration from noise injection to forecasting, deployed in production-ready architecture within a short hackathon window.
- Transparent, actionable insights provided without collecting any personal data, setting a new privacy standard in analytics.
- Instant, real-time Slack anomaly alerts that provide immediate value without compromising user privacy.
What we learned
- Differential privacy, particularly client-side noise injection, can be practical and highly effective in real-world web analytics.
- Prophet is robust enough to handle noisy data, delivering highly accurate forecasts even with differential privacy noise.
- Integrating privacy-centric solutions requires careful planning and a deep understanding of user experience—clarity and transparency are as important as technical functionality.
- The power of combining various platforms (Netlify, Fly.io, Supabase) to rapidly build and deploy scalable, privacy-first solutions.
What's next for Pythia
- Per-metric Forecasting: Extending forecasting to specific metrics such as conversions, sign-ups, and revenue.
- Enhanced Dashboard: Incorporating additional user-friendly visualizations and tools for businesses to understand their privacy vs. accuracy tradeoffs.
- Broader Integrations: Adding support for additional channels beyond Slack, including email alerts and automated actions based on forecasted data.
- Public launch and education: Releasing more documentation, case studies, and educational resources to promote privacy-first analytics.
Pythia is positioned to redefine privacy standards in analytics, providing both transparency and insight for businesses worldwide.
Log in or sign up for Devpost to join the conversation.