Cloak: The Smartest Thing You’ll Never Send

Cloak is a browser-based privacy tool designed to mitigate disclosure of sensitive personal information during interactions with large language models. In an era where AI systems increasingly process user data for training and analysis, Cloak addresses the critical need of user privacy by implementing context-aware redaction, transparent reasoning and reversible de-identification (“uncloaking”). We conducted interviews with privacy experts and end-users to understand perceptions, behaviors, and pain-points surrounding AI-mediated privacy. The system architecture includes a React-based Chrome extension front-end, a locally-hosted Python Flask back-end, integrated with LLMs via the Ollama framework. Everything runs locally on the user’s system. We further evaluated our PII detection system, breaking it down into steps: classification, span extraction, and label assignment, across four lightweight open-source models (Phi-3.5, Phi-4-Mini, LLaMA 3 8B, and Mistral) to guide prompt engineering and model selection strategies. We performed usability testing that yielded actionable design refinements.