An end user was browsing a site which contained a number of buttons or hyperlinks allowing him to refine his search criteria on the page. After clicking one such button, PCIP blocked the request due to a DLP (SSN) violation. This was particularly confusing as the end user did not actually enter any alphanumeric characters on the web page—he only clicked a button.
Each of the buttons on the page was a POST request. Unknown to the end user was that the POST method contained a lot of predefined verbiage. (Right-click on the page to view the source and see the details of the POST.) There was, indeed, a 9-digit number that triggered the SSN DLP violation—a false positive.) Unfortunately, social security numbers are inherently susceptible to false positives, and nothing more could be done.