{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreibuhvndofd5ibq35qjebzaiq6ltbpge4ptezy35p7lv74kqhpivzu",
    "uri": "at://did:plc:lk3jfj3zq4k4wxnk474axylu/app.bsky.feed.post/3mkzwsztg4a72"
  },
  "path": "/t/feature-request-native-pseudonymization-mode-for-codex-app/1380290#post_1",
  "publishedAt": "2026-05-04T14:48:05.000Z",
  "site": "https://community.openai.com",
  "textContent": "I would like to suggest a native privacy feature for Codex App: a local pseudonymization and rehydration layer.\n\nThe idea is:\n\nThe user sees real data locally.\nThe model only sees pseudonymized data.\nThe mapping never leaves the device.\n\nExample:\n\nBefore sending context to the model:\n“María García Pérez” → “STUDENT_0007”\n\nThe model responds:\n“STUDENT_0007 needs additional support in criterion EF.3.2.”\n\nCodex App locally displays:\n“María García Pérez needs additional support in criterion EF.3.2.”\n\nThis would be very useful in regulated domains such as education, healthcare, legal work, HR, research, and public administration.\n\nEven when data is not used for training, many users still need to ensure that personal or sensitive data never reaches the model at all.\n\nSuggested features:\n\n  * pre-model local transform\n  * post-model local rehydration\n  * encrypted local identity vault\n  * safe transcript mode with only pseudonymized logs\n  * PII detection and blocking\n  * folder/file classification: safe for model, pseudonymize before sending, never send\n\n\n\nThis would make Codex App much safer and more practical for privacy-sensitive workflows without forcing users to build external scripts, wrappers, or separate applications.",
  "title": "Feature Request: Native Pseudonymization Mode for Codex App"
}