QommonsAI Implements Three-Layer Defense: Automatic Personal Information Detection, Forbidden Word Blocking, and Detection Logs — Realizing Municipal Information Governance with AI to 'Encourage Use While Preventing Leaks'

Polimill Inc. (Headquarters: Minato-ku, Tokyo; CEOs: Ayame Ito / Nonoka Taniguchi), a leader in administrative AX, announces that its generative AI for government, 'QommonsAI,' will introduce 'Automatic Personal Information Detection,' 'Forbidden Word Blocking,' and 'Detection/Blocking Logs' in an update scheduled for April 1, 2026, to provide multi-layered prevention against the accidental input of confidential information. Multi-layered prevention of accidental input of confidential information

'Multi-layered Information Governance' that elevates rule effectiveness from 'paper regulations' to 'technical mechanisms' As the adoption of generative AI accelerates in municipalities across Japan, it has become crucial to implement internal information management rules as a system to create an environment where staff can use AI without hesitation. While many municipalities have established guidelines for generative AI usage, their enforcement often relies on the individual awareness of staff. By elevating the effectiveness of rules from 'paper regulations' to 'technical mechanisms,' staff can fully utilize generative AI with peace of mind, without feeling an excessive burden regarding information management. By incorporating a three-layer defense of 'Automatic Personal Information Detection,' 'Forbidden Word Blocking,' and 'Detection/Blocking Logs,' QommonsAI has realized an environment that 'prevents leaks at the system level without relying on the judgment of individual staff members.' This allows municipalities to balance the conflicting demands of 'wanting to encourage use' while 'preventing leaks,' enabling the safe promotion of generative AI utilization. What are Personal Information Alerts / Forbidden Word Settings? This feature displays warnings or blocks transmission to the AI when inputs containing personal information or forbidden words are detected. Overview of the Three-Layer Defense QommonsAI's information governance function prevents the leakage of confidential information through three stages: 'Detection → Blocking → Recording.' Layer 1: Automatic Personal Information Detection — AI monitors input content in real-time Personal information patterns are automatically detected the moment a staff member enters a prompt. The action taken upon detection can be configured individually based on the type of confidential information, choosing between 'Warning Only' (alerting the staff member and leaving the decision to send to them) and 'Block Transmission' (stopping the transmission to the AI entirely). For example, administrators can flexibly configure operational rules via the settings screen, such as 'Block My Number immediately, but display a warning for names and leave the decision to the staff.' This realizes practical governance tailored to actual business operations. Layer 2: Forbidden Word Blocking — Implementing organization-specific rules into the system Administrators can register over 100 custom forbidden words. Inputs containing registered terms are blocked from being sent to the AI entirely, cutting them off at the system level without requiring staff judgment. Administrators can flexibly register organization-specific confidential information that cannot be captured by personal information patterns alone—such as undisclosed policy project names, facility names under internal review, or personnel-related proper nouns—as protected items. Instead of just stating 'Input of XX is prohibited' in guidelines, this feature forcibly enforces it within the system.