06-reference/research

phdata confidentiality redaction checklist

2026-06-23·research-brief·source: deep-research
confidentialityredaction-checklistphdataemployer-boundarycontent-gate

The phData-Derived Public Content Redaction Checklist: A Reusable Pre-Flight Gate at the Constraint-Class Level

The question

Draft a reusable confidentiality pre-flight redaction checklist (no client names, no internal tool names, constraint-class only) gating all phData-derived public content - what exactly goes in it? Context: the founder is a phData Deal Solutions Architect (started 2026-05-26, his MAIN bet) who also publishes (Sanity Check, X, FDE lead magnets) and wants to mine phData-derived lessons without leaking confidential material. This operationalizes the established RDCO boundary into a concrete gate; it is the direct deliverable of open-follow-up #4 of [[2026-06-19-phdata-experiment-fde-positioning-proof-point]].

What we already know (from the vault)

What the web says

Convergences and contradictions

Synthesis for RDCO

This is a clear, reusable gate. Every phData-derived public artifact (Sanity Check piece, X post/thread, FDE lead magnet, reference/SEO page, deck, conference talk) runs the checklist below before it ships. The checklist is built on one organizing idea borrowed verbatim from the proof-point brief: publish the method and the constraint-class, never the engagement specifics. "A hostile corporate perimeter where every connector is blocked and federated SSO breaks the secrets CLI" is publishable; "phData's [specific blocked-connector inventory / internal repo name / client X's pipeline]" is not. The strongest default is to not name phData or any client at all unless the fact is independently public and naming it adds real value — abstraction to "a locked-down enterprise deployment" carries the full proof with zero exposure.

Calibrate against the RDCO boundary in both directions. The failure mode the founder corrected (2026-06-03) was over-redaction — stripping public facts and hyper-anonymizing generic work. So the checklist redacts confidential artifacts and re-identifying specifics, and deliberately keeps public facts (phData is a Snowflake/data consultancy; the founder works there; standard vendors), generic methodology (eval design, RAG, MAC matrices, the two-layer portability model), and "from-his-head" knowledge. Methodology is the credibility engine and is the founder's to publish; identity and engagement fingerprints are the line.

Two mechanical aids make the gate fast and reliable. (1) A grep blocklist run on every draft, seeded from [[mac-landing/2026-05-05-build-spec]] and extended for the phData era — client names the founder has worked (Lionsgate, Mammoth Growth / MG, Progress, Nutrafol), internal table/model names (silver_fct_*, gold_opp_pipeline, etc.), and phData-internal tool/repo/project codenames as they surface. Maintain this wordlist in the vault so it compounds. (2) The re-identification test on every metric and environment detail: if a number, stack combination, or descriptor could only belong to one company, convert it to a ratio/delta or generalize it. Absolute fingerprinting counts out; illustrative deltas (14 → 95) in.

The gate rule (non-negotiable): every phData-derived public piece runs this full checklist AND routes through the founder for a final read before publish. The checklist does not replace the founder gate — it makes the founder gate fast and consistent. No autonomous publish of phData-derived content, ever. (This mirrors [[feedback_no_autonomous_external_email]]: Ray drafts, founder ships.)

The Pre-Flight Redaction Checklist (run on every phData-derived public draft)

A. Hard blocks — must all be checked before publish:

B. Calibration checks — guard against over-redaction (the founder's correction):

C. Surface hygiene:

D. The gate:

Open follow-ups

  1. Maintain the grep blocklist as a living vault artifact. Where does the canonical wordlist live (extend the MAC scrub list), who appends to it as new clients/internal names surface, and should it be wired into a /confidentiality-scrub skill that auto-greps any draft tagged phData-derived?
  2. Wire the checklist into the existing verification pattern. Should this become a fresh-eyes critic (a /verify-phdata-content sibling to [[verify-vault-write]] / [[verify-strategic-output]]) so a zero-context subagent runs the gate before the founder sees it, rather than relying on the producer's biased self-scrub?
  3. Name-phData policy default — codify it. The proof-point brief leans "don't name phData at all." Should that be the hard default in the checklist (abstract unless an explicit founder override), and does that default differ by surface (X vs lead magnet vs reference page)?
  4. Does the cc-wrapped harness IP settlement interact with phData-era content? [[2026-06-12-anonymized-client-case-study-shape]] flagged whether the IP-boundary settlement covers authored content about the harness; confirm it doesn't add a constraint the checklist is missing for phData-deployment write-ups.

Related

Sources

Vault:

Web: