You are designing a safety layer for a large personalized content recommendation system in a social app. The product recommends posts, videos, and groups across multiple discovery surfaces, and the business goal is to reduce harmful or policy-violating recommendations without materially hurting relevance or freshness. Content can violate policies in text, image, video, or through combinations of signals that only become clear after user reports. You need to design an end-to-end ML system that prevents unsafe content from being retrieved, ranked, or re-ranked into recommendations at scale.

| Signal | Value |
|---|---|
| DAU | 350M |
| Peak recommendation QPS | 2.2M |
| Active content catalog | 1.5B items |
| New content created per day | 25M |
| Per-request latency budget (p99) | 180ms |
| Policy review labels/day | 8M |

How would you design this system so that harmful or policy-violating content is blocked or downranked throughout the recommendation stack while still preserving recommendation quality, freshness, and system reliability at this scale? Explain the architecture, model choices, serving strategy, evaluation approach, and how you would handle drift, skew, and operational failures.