Where is the *most* important place to redact PII in a RAG pipeline?

At every stage — ingest, retrieval, and egress — defence in depth.

PII redaction in retrieval — Semantic Web Academy

Overview

Redact at ingest, redact at retrieval, audit at egress.

Why it matters

Once PII reaches the LLM, you've lost control of it. Three layered redaction points keep you out of trouble.

Where this sits in the stack

PII redaction in retrieval is one of the load-bearing decisions in a KG/RAG/agent system: choices made here propagate to retrieval quality, agent reliability, cost per query, and the on-call burden of whoever ships it. Teams that name this trade-off explicitly ship faster than teams that leave it implicit.

Why this is load-bearing

PII redaction in retrieval is the building-code of this layer. You can ignore building codes on a shed, but the moment you put two storeys on top of the same foundation they decide whether the structure stands or falls. In a KG/RAG/agent stack, the equivalent of 'two storeys' is the second feature you ship on top of this primitive — GraphRAG on top of chunking, supervisor agents on top of state machines, regression CI on top of metrics. The cost of cutting the wrong corner now is paid by every later layer, with interest.

Once PII reaches the LLM, you've lost control of it. Three layered redaction points keep you out of trouble.

Reflect — apply it

Anchor pii redaction in retrieval to something concrete in your own work.

›Where have you seen pii redaction in retrieval done well? Name one team or product and what they got right.
›Where have you seen it done badly? What was the first symptom that surfaced (latency, hallucination, cost, outage)?
›What is the *cheapest* version of this you could ship in your next sprint, and what single metric would tell you it's working?

Reading in progress · 0 of 3 activities done