anonym.legal

By · Last updated 2026-04-13

Povratak na blogTehnička

Privatnost u okruzenjima bez interneta: Anonimizacija offlajn

FedRAMP i ITAR okruzenja imaju jednu zajednicku stvar - oblak nije opcija. Reverzibilna pseudonimizacija prema GDPR cl. 4(5).

April 13, 20269 min čitanja
air-gapped anonymizationSCIF document processingITAR complianceFedRAMP offline toolsoffline PII detection

Pravilo o fizickom razdvajanju mreze

Neke mreze nemaju internet. Ne zbog politike - vec po dizajnu.

SCIF (Objekat za bezbedne poverljive informacije) je soba okruzena Faradejevim kavezom. Nikakav bezicni signal ne ulazi niti izlazi. ITAR (Medjunarodne propisi o prometu oruzja) zabranjuje slanje pokrivenog tehnickog sadrzaja neodobrenim stranama. Provajderi usluga u oblaku nisu ITAR odobreni. Za ove grupe, "SaaS u oblaku" nije rizik kojim treba upravljati.

Za ove lokacije, alati u oblaku jednostavno ne funkcionisu.

Alat koji zahteva aktivnu mreznu vezu ne moze ovde raditi. Alat koji poziva licencni server je blokiran. Alat koji salje fajlove cloud API-ju radi detekcije ne moze funkcionisati unutar SCIF-a. Ovo nisu rubni slucajevi. To su svakodnevna ogranicenja za odbrambene timove.

Slucaj ITAR-a

Naučnica podataka u odbrambenom preduzecu ima personalne zapise pod ITAR-om. Mora ukloniti imena i ID-eve pre deljenja fajlova. Njena mreza je fizicki razdvojena.

Nema resenja u oblaku. Jedini put je alat koji radi na lokalnom uredjaju. Mora lokalno cuvati svoje modele. Mora proizvesti cist izlaz bez eksternih poziva.

Desktop aplikacija zasnovana na Tauri 2.0 to radi. Nakon instalacije, tokom pokretanja ne dolazi do mreznih poziva. spaCy NER modeli i regex obrasci rade na lokalnom procesoru. Izlaz ostaje na uredjaju dok ga korisnik ne izveze.

Zasto je reverzibilnost vazna

Klasifikovani rad cesto zahteva reverzibilnu pseudonimizaciju. Timovi zamenjuju prava imena kodovima. Cuvaju zapise upotrebljivim. Stite prave identitete.

GDPR clan 4(5) definise pseudonimizaciju kao formalnu meru privatnosti. Smanjuje rizik. Pseudonimizovani zapisi nose manje pravnih obaveza - ako se token za pretragu cuva odvojeno od skupa podataka.

Istrazivanje IAPP-a (2024) pokazalo je da samo 23% alata podrzava pravu reverzibilnost. Vecina radi jednosmerno maskiranje ili potpunu zamenu. Kada se zapis prepisе, nestaje.

Neki vladini timovi dele posao po odeljcima. Jedan tim dobija pseudonimizovane fajlove. Vrsi analizu. Drugi tim cuva token za pretragu. Ponovo identifikuju zapise samo kada to zakon zahteva. Ovaj podeljeni dizajn je jedini siguran pristup za klasifikovane radne tokove sa vise timova.

Model nultog znanja ide korak dalje. Token za pretragu se kreira na klijentskom uredjaju. Nikada se ne salje napolje. Ako prodavac primi sudski poziv, ne moze predati token. Nikada ga nije ni imao. Ovo zadovoljava pravila o lancu starateljstva u mnogim klasifikovanim okruzenjima.

EDPB odvajanje tokena

Smernice EDPB 05/2022 kazu da token pseudonimizacije mora biti cuvan odvojeno. Ne sme se nalaziti kod iste strane koja cuva pseudonimizovane zapise. Ili mora biti zakljucan iza kontrola koje toj strani sprecavaju citanje i zapisa i tokena istovremeno.

Tri stvari zajedno ispunjavaju ovo pravilo:

  • Token kreiran na klijentskom uredjaju - nikada se ne salje napolje
  • Sva obrada se vrsi lokalno - nista ne napusta lokaciju sa fizickim razdvajanjem mreze
  • Izlaz i token se izvoze odvojeno - dva odvojena fajla, dva odvojena puta

Ovaj dizajn ispunjava i EDPB pravilo i ogranicenje fizickog razdvajanja mreze istovremeno.

Za siru sliku, nas pregled bezbednosti pokazuje kako lokalna obrada smanjuje lanac trecih strana. Nas vodic za usaglasenost pokriva pravila o prenosu prema GDPR-u. Pogledajte nas FAQ za pomoc pri podesavanju.

Desktop aplikacija anonym.legal pokrecе svu detekciju LPI-ja na lokalnom uredjaju. Nakon instalacije, internet nije potreban. Podrzava Windows, macOS i Linux. Ugraddjeni NLP modeli pokrivaju 24 jezika.

Azurirano za 2026.

Izvori

Povezani članci

Tehnička

Cross-Platform PII: Mac, Linux, and Windows

Privacy officers on Mac, legal on Windows, data engineers on Linux — all processing the same data with different tools. Here's why OS-agnostic detection.

Tehnička

Cross-Application PII: Word, Chrome, and AI

Customer data flows from browser research to Word drafts to Claude prompts. Each context switch is a potential leakage point.

Tehnička

GDPR in App Logs: JSON PII Compliance

Application logs contain customer email addresses, IPs, and account numbers that GDPR Article 5(1)(e) requires be managed.

Spremni da zaštitite svoje podatke?

Počnite sa anonimizacijom PII sa 285+ tipova entiteta na 48 jezika.

Započnite besplatnu probuPogledajte funkcije

About this page

We update this page when our platform or the law changes.

Read our founder note for how we work.

Each change shows up in the timestamp at the top.

Related reading

We follow these rules

  • GDPR (EU 2016/679).
  • ISO/IEC 27001:2022.
  • NIS2 (EU 2022/2555).
  • HIPAA safe harbor under 45 CFR § 164.514(b)(2).

Our promise

We do not sell your data.

We do not train models on your text.

We store your files in Germany.

You can delete your account at any time.

You own your work.

Where we run

Our servers live in Falkenstein, Germany.

We use Hetzner. They hold ISO 27001 certification.

All data stays in the EU.

Backups run every day.

Need help?

Email support@anonym.legal.

We reply within one business day.

How we test

We run a full check suite on every release.

Each surface gets its own sweep script and report.

Human reviewers spot-check the output each week.

We track recall and precision on a labelled set.

Bad runs block the deploy.

What we never do

  • We never sell your information to third parties.
  • We never train models on what you upload.
  • We never keep your work after you delete it.
  • We never share keys with any outside firm.
  • We never run ads inside the product.

Plans in plain words

We sell credits, not seats.

One credit covers one short job.

Long jobs use a few credits each.

You can top up at any time.

Unused credits roll over each month.

Read the plans page for current rates.

Who built this

A small team of engineers and lawyers built this.

We ship from Europe and work in the open.

Our founder note spells out why we started.

Where to start

How the parts fit

A browser add-on cleans text inside Chrome.

A Word plug-in handles drafts in Office.

A small desktop tool works on whole folders.

An agent protocol link feeds large models safely.

All four share one core engine and one rule set.

Words from our team

We started this work after a lunch about cookies.

One friend kept getting odd ads on her phone.

We asked why a court file leaked through a draft.

We sketched the first build on a napkin that week.

By month three we had a tiny demo for a friend.

She used it on her first case the next day.

Common questions we hear

Can the tool read scanned PDFs? Yes, with OCR.

Does it work on long files? Yes, in small chunks.

Can I roll my own rule set? Yes, save it as a preset.

Does it run offline? The desktop build runs offline.

Do you keep my files? No, the cloud build wipes after each run.

Will it learn from my work? No, we never train on inputs.

A short tour of the workflow

Upload a file or paste a snippet of prose.

Pick the entities you want gone from the draft.

Choose a method: replace, mask, hash, encrypt, or redact.

Press run and watch the side panel show each hit.

Skim the result and tweak any rule that misfired.

Save the cleaned file or send it to a teammate.