{"slug": "how-to-build-scalable-web-apps-with-openai-s-privacy-filter", "title": "How to build scalable web apps with OpenAI's Privacy Filter", "summary": "Three scalable web applications—a Document Privacy Explorer, an Image Anonymizer, and a SmartRedact Paste tool—all built using OpenAI's Privacy Filter model and Gradio's Server infrastructure. The Privacy Filter is a 1.5B-parameter, Apache 2.0-licensed model that detects and redacts PII categories like names, addresses, and account numbers, achieving state-of-the-art performance on the PII-Masking-300k benchmark. Gradio's Server enables these apps by pairing custom HTML/JS frontends with backend features like queueing, ZeroGPU allocation, and a client SDK, allowing for efficient single-pass processing of up to 128,000 tokens.", "body_md": "How to build scalable web apps with OpenAI's Privacy Filter\n- Document Privacy Explorer: drop in a PDF or DOCX, read the document back with every PII span highlighted in place.\n- Image Anonymizer: upload an image, get it back with redacted black bars over names, emails, and account numbers. The image is also editable on a canvas so you can make your own annotations before downloading.\n- SmartRedact Paste: paste sensitive text, share a public URL that serves the redacted version, keep a private reveal link for yourself.\nAll three are built on gradio.Server, which lets you pair custom HTML/JS frontends with Gradio's queueing, ZeroGPU allocation, and gradio_client\nSDK. In all these apps, gradio.Server\nplays the same backend role, and that consistency is exactly what makes it really powerful.\nThe model\nPrivacy Filter is a 1.5B-parameter model with 50M active parameters, permissively licensed under Apache 2.0. PII categories are private_person\n, private_address\n, private_email\n, private_phone\n, private_url\n, private_date\n, account_number\n, secret\n. Context is 128,000 tokens. Achieves state-of-the-art performance on the PII-Masking-300k benchmark. Full numbers and methodology are in the official release blog.\n1. Document Privacy Explorer\nTry it at ysharma/OPF-Document-PII-Explorer.\nUser problem. You want to read a PII-heavy document (a contract, a resume, an exported chat log) with every detected span highlighted by category, a filter in the sidebar, and a summary dashboard up top. The reading experience should feel like a normal document, not a form.\nWhat Privacy Filter does here. The whole file goes through in a single 128k-context forward pass, so there's no chunking, no stitching, and span offsets line up directly with the rendered text. BIOES decoding keeps span boundaries clean through long ambiguous runs.\nWhat gr.Server\ndoes here. You could wire this up in Blocks with gr.HighlightedText\nand a sidebar, and it would work. The reading experience we wanted (serif body, category filters that toggle CSS classes client-side instead of re-running the model, a summary dashboard that doesn't force a page re-render) was easier to hand-author than to compose. gr.Server\nlets us serve the reader view as a single HTML file and expose the model behind one queued endpoint:\nimport gradio as gr\nfrom fastapi.responses import HTMLResponse\nfrom gradio.data_classes import FileData\nserver = gr.Server()\n@server.get(\"/\", response_class=HTMLResponse)\nasync def homepage():\nreturn FRONTEND_HTML # reader view; see app.py\n@server.api(name=\"analyze_document\")\ndef analyze_document(file: FileData) -> dict:\ntext = extract_text(file[\"path\"]) # PyMuPDF / python-docx\nsource_text, spans = run_privacy_filter(text) # single 128k pass\nreturn {\n\"text\": source_text,\n\"spans\": spans, # [{start, end, label}, ...]\n\"stats\": compute_stats(source_text, spans),\n}\nNote the decorator: @server.api(name=\"analyze_document\")\n, not a plain @server.post\n. That's the piece that plugs the handler into Gradio's queue, so concurrent uploads are serialized, @spaces.GPU\ncomposes correctly on ZeroGPU, and the same endpoint is reachable from both the browser and gradio_client\nwith no duplicated code. The browser calls it with the Gradio JS client:\n<script type=\"module\">\nimport { Client, handle_file } from \"https://cdn.jsdelivr.net/npm/@gradio/client/dist/index.min.js\";\nconst client = await Client.connect(window.location.origin);\nasync function uploadFile(file) {\nconst result = await client.predict(\"/analyze_document\", { file: handle_file(file) });\nrenderResults(result.data[0]); // { text, spans, stats }\n}\n</script>\n2. Image Anonymizer\nTry it at ysharma/OPF-Image-Anonymizer.\nUser problem. You want to share an image or any screenshot (a Slack thread, a receipt, a Stripe dashboard) with black bars over the PII. You want to toggle bars on and off, drag them to reposition, or draw one by hand for anything the model missed, then export the result.\nWhat Privacy Filter does here. Tesseract runs OCR and returns per-word bounding boxes. The backend reconstructs the full text with a char-offset to box map, then runs Privacy Filter once over the whole text. Detected character spans are looked up against the word map and joined into pixel rectangles per line.\nWhat gr.Server\ndoes here. gr.ImageEditor\nsupports layered annotation and is a reasonable starting point for image redaction. The workflow we wanted (per-bar category metadata, toggle all bars in a category at once, client-side PNG export at natural resolution with no server round-trip) was cleaner to build on a custom <canvas>\nfrontend. gr.Server\nhands back pixel rectangles from one queued endpoint and lets the canvas own everything else:\n@server.api(name=\"anonymize_screenshot\")\ndef anonymize_screenshot(image: FileData) -> dict:\nimg = Image.open(image[\"path\"]).convert(\"RGB\")\nfull_text, char_to_box = ocr_image(img) # per-word boxes + char map\nspans = run_privacy_filter(full_text)\nboxes = spans_to_pixel_boxes(spans, char_to_box)\nreturn {\n\"image_data_url\": pil_to_base64(img),\n\"width\": img.width,\n\"height\": img.height,\n\"boxes\": boxes, # [{x, y, w, h, label, text}, ...]\n}\nThe frontend invokes it with client.predict(\"/anonymize_screenshot\", { image: handle_file(file) })\n, the same pattern as above. Toggles, drags, new-bar drawing, and PNG export all happen in the browser; edits never round-trip to the server.\n3. SmartRedact Paste\nTry it at ysharma/OPF-SmartRedact-Paste.\nUser problem. You want a pastebin that redacts before sharing. You paste a log line, an email, a support ticket. You get two URLs back. The public one serves the redacted version with <PRIVATE_PERSON>\n, <PRIVATE_EMAIL>\n, <ACCOUNT_NUMBER>\nplaceholders, following the redaction convention from the official blog examples. The private one is gated by a token you keep and shows the original with spans highlighted.\nWhat Privacy Filter does here. Swap each detected span with a <CATEGORY>\nplaceholder on the stored paste. That's the entire redaction step. Multilingual text (Spanish, French, Chinese, Hindi, and others in the model-card examples) routes through the same call with no change.\nWhat gr.Server\ndoes here. This app needs two distinct GET routes for the same paste ID, one public and one token-gated, and the URL shape matters because the reveal URL is the thing you keep. gr.Server\nworks here because it's a FastAPI app underneath — which is also why @server.api\nand plain @server.get\ncan sit side by side in the same process. Note: this can also be built with gr.Blocks()\nby mounting custom routes with FastAPI :\n# Model call → queued endpoint. Hit from the browser via\n# client.predict(\"/create_paste\", { text, ttl }).\n@server.api(name=\"create_paste\")\ndef create_paste(text: str, ttl: str = \"never\") -> dict:\nsource_text, spans = run_privacy_filter(text)\nredacted = redact(source_text, spans) # <CATEGORY> placeholders\npid, reveal_token = secrets.token_urlsafe(6), secrets.token_urlsafe(22)\nPASTES[pid] = Paste(pid, reveal_token, source_text, redacted, spans,\nexpires_at=_ttl(ttl)) # see app.py\nreturn {\n\"view_path\": f\"/view/{pid}\",\n\"reveal_path\": f\"/view/{pid}?token={reveal_token}\",\n}\n# View page → plain FastAPI GET. No model, no queue needed, and we\n# actually want the bespoke URL shape `/view/{pid}?token=...` that a\n# queued endpoint couldn't give us.\n@server.get(\"/view/{pid}\", response_class=HTMLResponse)\nasync def view_paste(pid: str, token: str | None = None):\np = _store_get(pid) # see app.py for store\nif p is None:\nreturn HTMLResponse(_not_found(), status_code=404)\nrevealed = bool(token) and secrets.compare_digest(token, p.reveal_token)\nreturn HTMLResponse(_render_view(p, revealed))\nA daemon thread evicts expired pastes every 30 seconds. The whole service, including storage, is about 200 lines of application code because everything lives in one process.\nWhat gradio.Server\nprovides\nThe split across all three apps is the same — anything that touches the model goes through @server.api\n, everything else stays on plain FastAPI routes:\n@server.api\ngives you Gradio's queue (serialized requests, correct @spaces.GPU\ncomposition on ZeroGPU, progress events) and it's what the browser hits through @gradio/client\n. The same endpoint is also what gradio_client\nusers hit from Python — one function, two SDKs, no duplicated code. Plain @server.get\n/@server.post\nare reserved for the static surfaces: HTML pages, file lookups, cheap dict reads. That's the rule of thumb from the gradio.Server intro post, and it's what makes these three apps feel consistent even though their UIs are very different.\nTry them\nDrop in a resume, a screenshot of a Slack thread, a log line with a token in it. The fun part is seeing what Privacy Filter catches (and occasionally misses) on text you actually care about.\nRecommended reading\n- OpenAI's release post: Introducing OpenAI Privacy Filter\n- Model card: openai/privacy-filter on Hugging Face\n- Redaction examples and taxonomy on Model card", "url": "https://wpnews.pro/news/how-to-build-scalable-web-apps-with-openai-s-privacy-filter", "canonical_source": "https://huggingface.co/blog/openai-privacy-filter-web-apps", "published_at": "2026-04-27 00:00:00+00:00", "updated_at": "2026-05-19 21:59:13.888742+00:00", "lang": "en", "topics": ["artificial-intelligence", "machine-learning", "large-language-models", "open-source", "developer-tools"], "entities": ["OpenAI", "Gradio", "Privacy Filter", "Document Privacy Explorer", "Image Anonymizer", "SmartRedact Paste", "PII-Masking-300k", "Apache 2.0"], "alternates": {"html": "https://wpnews.pro/news/how-to-build-scalable-web-apps-with-openai-s-privacy-filter", "markdown": "https://wpnews.pro/news/how-to-build-scalable-web-apps-with-openai-s-privacy-filter.md", "text": "https://wpnews.pro/news/how-to-build-scalable-web-apps-with-openai-s-privacy-filter.txt", "jsonld": "https://wpnews.pro/news/how-to-build-scalable-web-apps-with-openai-s-privacy-filter.jsonld"}}