Skip to content

Privacy & Governance

Minions provides built-in support for privacy and governance requirements, particularly in memory management and data handling.

Memory Privacy

Data Isolation

Memory subsystems support multi-tenant isolation:

@Configuration
public class MemoryPrivacyConfig {
    @Bean
    public MemoryManager memoryManager(
            List<Memory<MemoryContext, Message>> memories,
            PrivacyConfig privacyConfig) {
        return new MemoryManager(memories, strategies, privacyConfig);
    }
}

Privacy Controls

public class PrivacyConfig {
    private final boolean enableDataIsolation;
    private final boolean enableAuditLogging;
    private final boolean enableDataRetention;

    // Privacy controls for memory operations
    public boolean canAccessMemory(String tenantId, MemorySubsystem subsystem) {
        // Check access permissions
    }

    public boolean canStoreData(String tenantId, Message message) {
        // Check storage permissions
    }
}

Memory Governance

Audit Logging

All memory operations are logged for audit purposes:

@Component
public class MemoryAuditLogger {
    public void logMemoryOperation(
            String operation,
            String tenantId,
            MemorySubsystem subsystem,
            Message message) {
        // Log memory operation
    }
}

Data Retention

Memory subsystems support configurable retention policies:

@Configuration
public class RetentionConfig {
    @Bean
    public RetentionPolicy memoryRetentionPolicy() {
        return RetentionPolicy.builder()
            .episodicMemoryRetention(Duration.ofDays(30))
            .vectorMemoryRetention(Duration.ofDays(90))
            .build();
    }
}

Compliance Features

  1. Data Isolation
  2. Tenant-based memory isolation
  3. Subsystem-level access control

  4. Cross-tenant data protection

  5. Audit Trail

  6. Memory operation logging
  7. Access pattern tracking

  8. Compliance reporting

  9. Data Retention

  10. Configurable retention periods
  11. Automated data cleanup
  12. Retention policy enforcement

Testing Privacy Controls

@Test
void testMemoryPrivacy() {
    PrivacyConfig config = new PrivacyConfig(true, true, true);
    MemoryManager manager = new MemoryManager(memories, strategies, config);

    // Test data isolation
    assertFalse(manager.canAccessMemory("tenant1", "tenant2"));

    // Test audit logging
    verify(auditLogger).logMemoryOperation(
        eq("store"),
        eq("tenant1"),
        eq(MemorySubsystem.EPISODIC),
        any(Message.class)
    );
}