BackgroundHigh-resolution medical images that include facial regions can be used to recognize the subject’s face when reconstructing 3-dimensional (3D)-rendered images from 2-dimensional (2D) sequential images, which might constitute a risk of infringement of personal information when sharing data.
This research paper examines a critical privacy challenge related to IRREVERSIBILITY — once pii propagates, it cannot be un-propagated.
anonym.plus addresses this through 100% local processing with AES-256-GCM encrypted vault — PII processed and stored locally, never touching any external server.
Once PII propagates, it cannot be un-propagated. The arrow of data only points one direction. PII exposure is a one-way function with no inverse.
Irreducible truth: Information entropy only increases. You cannot recall a broadcast signal. You cannot un-train a neural network. You cannot selectively erase a backup tape. Every deletion mechanism is an approximation — and the original exposure persists.
anonym.plus identifies 200+ entity types including names, emails, phone numbers, medical records, training data with PII. The local Presidio 2.2.357 + spaCy 3.8.11 architecture uses Presidio 2.2.357 deterministic recognizers with 121 built-in presets for structured identifiers and spaCy 3.8.11 with 23 language models, all running locally via FastAPI sidecar for contextual references.
Replace is recommended for this pain point: substituting PII in training data with realistic synthetic alternatives preserves statistical properties while preventing memorization. Redact provides an alternative — removing PII entirely from training data eliminates memorization risk at the cost of reduced training diversity. For scenarios requiring reversibility, Encrypt (AES-256-GCM) enables authorized recovery of original values.
Documents and datasets are batch-anonymized before ML training. The 200+ entity types with 121 presets cover common training data PII patterns. Processed data never leaves the machine.
This pain point intersects with GDPR Article 25 data protection by design, Article 5(1)(c) minimization.
anonym.plus’s GDPR (data never leaves device), HIPAA (local processing) compliance coverage, combined with 100% local — data never leaves device hosting, provides documented technical measures organizations can reference in their compliance documentation and regulatory submissions.
| Specification | Value |
|---|---|
| App Version | v8.10.5 |
| Entity Types | 200+ built-in, up to 50 custom |
| Detection Engine | Presidio 2.2.357 + spaCy 3.8.11 (23 models) |
| Languages | 48 UI, 23 NLP models |
| Document Formats | PDF, DOCX, XLSX, TXT, CSV, JSON, XML + Image OCR |
| Anonymization Methods | Replace, Redact, Mask, Hash (SHA-256/512/MD5), Encrypt (AES-256-GCM) |
| Architecture | Tauri 2.x (Rust + React) + FastAPI sidecar (~370 MB) |
| Platforms | Win/Mac/Linux |
| Licensing | Ed25519 signed, machine-fingerprinted, max 5 machines |
| Processing | 100% local — data never leaves device |
| Compliance | GDPR, HIPAA (data residency guaranteed by local processing) |