What Is the Data Protection Agent?
The Data Protection agent monitors every trace for sensitive information that shouldn’t be shared with external services. It focuses on personal data, financial information, credentials, health records, and intellectual property. This is your primary safeguard for GDPR compliance, data sovereignty, and privacy regulations.How It Works
When a trace flows through your organisation, the Data Protection agent evaluates it against a set of configurable rules. Each rule targets a specific category of sensitive information. If a rule detects a match, the agent produces an intent (allow, block, or escalate) based on the severity of the finding and your configuration. You control which rules are active and how the agent responds. Rules can be enabled or disabled individually, giving you precise control over what gets flagged.What It Detects
| Category | Examples |
|---|---|
| Personal Identifiable Information | Names combined with contact details, national ID numbers, passport numbers, dates of birth, addresses |
| Financial Data | Credit card numbers, bank account details, tax identifiers, salary information |
| Credentials | Passwords, API keys, authentication tokens, private keys, connection strings |
| Health Information | Medical records, diagnoses, prescription details, health insurance identifiers |
| Intellectual Property | Proprietary code, trade secrets, confidential research, internal documentation marked as restricted |
Common Scenarios
An employee pastes customer records into a prompt
An employee pastes customer records into a prompt
The agent detects personal identifiable information in the trace. Depending on the role, the trace is logged, flagged for review, or blocked before the data reaches the external service.
A developer shares an API key in a conversation
A developer shares an API key in a conversation
Someone asks an AI service to summarize a medical report
Someone asks an AI service to summarize a medical report
The agent detects health information in the trace content. This triggers the appropriate action based on your configured role, helping you maintain HIPAA and health data compliance.
A team member shares proprietary source code
A team member shares proprietary source code
When to Use Enforcer Mode
Consider promoting Data Protection to Enforcer when your organisation handles regulated personal data, operates in healthcare or financial services, or is subject to GDPR enforcement. The cost of a data leak in these scenarios outweighs the occasional interruption of a blocked trace. For teams that primarily handle non-sensitive workloads, Observer mode provides visibility without interrupting the flow.Next Steps
Configuring Agents
Enable or disable individual Data Protection rules for your workspaces.
Roles and Intents
How the agent’s role affects its response to findings.