Primary navigation
    RSS feed

    Know the Risks of Generative AI Tools

    Always check how your data is handled by AI service providers

    10/22/2023 2:03:56 PM

    Blue graphic mentioning that October is National Cybersecurity Awareness Month

    By Blake Russell, Information Security Analyst, MNIT

    Artificial Intelligence (AI) services have become an integral part of our daily Internet activities. They work behind the scenes to personalize recommendations on e-commerce platforms, streaming services, and social media.

    Recently, a new type – generative AI – allows users to interact directly with this technology to create art, text, and audio/video content. Examples of generative AI include Bard, ChatGPT, Craiyon, and OpenArt.

    The growing popularity of generative AI has raised concerns about privacy and data misuse. Since it works by searching for, collecting, and analyzing data found on the Internet, some personally identifiable information is likely becoming part of its growing data library. Users should be mindful of what kind of information they provide these services.

    What to Consider

    • AI-generated content comes from content created by humans - as such it may include content that is plagiarized or that violates copyrights. Additionally, AI services may provide information that is inaccurate, biased, or offensive.
    • Bad actors may use sensitive data with generative AI to impersonate or defraud others.
    • If you use generative AI for work, know your organization’s standards and policies.

    Questions Worth Asking

    • What type of data are you providing or entering into the service? Generative AI works can take any personally identifiable information you enter, and share it as a result or output. Avoid sharing sensitive information with these services.
    • What will your data be used for? Understand what AI service providers are doing to protect your data and whether you can opt out of or limit the use of your data.
    • How long does the service keep or retain your data? The service should only keep your personal information for as long as there is a legitimate business use. In certain cases, legal requirements may determine how long service providers can hold your data.

    What You Should Do

    You should read and understand the AI service provider’s data privacy policies, terms, and conditions of use. If their data handling procedures are unclear, consider an alternative provider. Remain vigilant and be proactive when it comes to safeguarding your personal information.

    General

    Cybersecurity

    Cybersecurity Month

    Cybersecurity

    back to top