Task 3.2: Implement Data Security and Privacy Controls
This folder covers how MangaAssist protects sensitive data before, during, and after FM interactions. The focus is not only encryption, but also where data can travel, who can access it, how long it lives, and how much of it the model actually needs.
Included Skills
| Skill | File | Focus |
|---|---|---|
| 3.2.1 | 01-protected-ai-environments.md | Network isolation, access boundaries, and protected FM execution environments |
| 3.2.2 | 02-privacy-preserving-fm-interactions.md | PII detection, output filtering, and retention controls during chat |
| 3.2.3 | 03-privacy-focused-ai-systems.md | Utility-preserving masking, anonymization, and privacy-aware downstream use |
Core Design Principles
- Minimize data exposure: the FM should receive only what it needs for the task.
- Isolate the environment: private endpoints and least-privilege IAM matter more than a single encryption checkbox.
- Separate operational data from improvement data: what is needed to answer the user is not always allowed in analytics or training.
- Prove retention: privacy programs fail when deletion and lifecycle policies are undocumented or unenforced.