en.Wedoany.com Reported - The German Artificial Intelligence Research Center (DFKI) has moved the protection of sensitive data in AI chats forward to the local browser. On May 21, DFKI released Privacy Guardrail, an open-source extension for the Google Chrome desktop browser that locally identifies, marks, and anonymizes personal data and other sensitive content before users paste text into AI chat services.

The value of Privacy Guardrail lies in turning the "pre-send check" into a local protection layer at the AI chat entry point. Generative AI has already entered workflows for emails, customer service tickets, meeting minutes, research notes, and internal document processing. When users copy text into ChatGPT, Claude, or Gemini, they may inadvertently submit names, email addresses, physical addresses, account numbers, contract information, customer data, or internal materials to external AI services. The extension launched by DFKI automatically checks text upon the paste action. Identified sensitive segments are first highlighted in the interface, allowing users to confirm, adjust, or ignore each item. The system then replaces them with typed placeholders like [EMAIL_1] or [PERSON_1] before sending. After the AI system returns a response, the extension can locally restore the known placeholders to their original values, keeping the reply content readable in context.

The tool is currently in the Public Beta stage, with version number 0.2.0. The Chrome Web Store page shows that Privacy Guardrail is provided by DFKI GmbH, with an update date of May 21, 2026. The extension description explicitly states that all processing is done locally in the user's browser and that no user input, pasted content, reviewed items, or corrections are uploaded to the extension's servers.

The technical implementation uses a two-tier local recognition mechanism. The first tier is a deterministic Pattern Recognizer, primarily identifying structured information such as email addresses, phone numbers, credit card numbers, IBANs, IP addresses, and dates. The second tier is an optional local Transformer NER recognition, used to discover names, addresses, credentials, organization names, and other personal information within free text. The GitHub project description indicates that the extension is a Manifest V3 Chrome Extension. The deterministic recognizer is compiled from Rust to WebAssembly for execution, and the optional named entity recognition runs within the browser via ONNX Runtime Web. On devices with WebGPU capability, inference can run on the GPU; where WebGPU is lacking, it falls back to a slower CPU/WASM path. For resource-constrained devices, the extension can enter a Pattern-only mode, continuing to identify structured formats but with reduced coverage for free text.

DFKI does not package Privacy Guardrail as a complete data loss prevention system. The project documentation clearly warns that detection may miss sensitive content or falsely flag harmless text. Short names, ambiguous words, code blocks, tables, and unusual formats can all affect recognition quality. The tool is not a compliance product, nor is it an enterprise DLP system. It is closer to an auxiliary protection layer for everyday AI use, giving users a controllable check before text truly enters an AI chat service, through local processing, reviewable replacement, open-source code, and an Apache-2.0 license. The DFKI page also shows that the first public beta officially supports Chrome desktop and the domains chatgpt.com, chat.openai.com, claude.ai, and gemini.google.com. Other Chromium-based browsers may be able to run it, but have not yet been fully tested.

Privacy Guardrail was developed by DFKI's Data Science and its Applications research department. The project lead, Prof. Dr. Sebastian Vollmer, concurrently serves as Professor of Machine Learning Applications at the University of Kaiserslautern-Landau (RPTU Kaiserslautern-Landau) and a senior researcher at DFKI. The push by Germany's DFKI and RPTU research forces to bring this type of local privacy protection tool into public beta indicates that AI chat security is expanding from enterprise backend gateways to the user's browser entry point. For users in research institutions, corporate office teams, and the public sector, the ability to identify, replace, and locally restore sensitive data before sending is becoming a fundamental requirement for integrating generative AI into daily workflows.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com