From chatbots and creative writing to images and automation, the power and convenience of Artificial Intelligence, advanced Large Language Models and language-processing algorithms cannot be denied. While you may be anxious to leverage generative AI to help streamline your business processes and simplify communications, it is important to consider the security and privacy implications before adopting these technologies for your business.
THIS IS WHY WE CAN’T HAVE NICE THINGS
The Artificial Intelligence Chatbot, ChatGPT launched in late November of 2022. By January of 2023 ChatGPT had become the fastest-growing consumer software application in history. In less than three months after release, researchers at Checkpoint found that hackers were using the API version of the program to construct malicious phishing emails.
Unfortunately, cybercriminals are using AI for more than creating more polished phishing emails and malicious code. From brand and voice impersonation to fake downloads and data stealing browser extensions, they are using AI to gain the upper hand.
PRIVACY & DATA SECURITY CONCERNS
AI tools powered by large language models are trained by user input and vast amounts of online data.
TIPS FOR MITIGATING RISKS WHEN USING AI TOOLS
Research – Check the terms of service/use, privacy policies and data use, retention and storage policies for any AI tools you are considering using for business purposes. Terms of Service Didn’t Read provides a free overview and “grade” for many major companies and online services based on their terms of service, privacy and data use policies. An overview of OpenAI is available on the ToSDR website.
Company Policies – Ensure your end users have clear and concise rules for the acceptable use of AI tools in the workplace. The policy should address approved/unapproved software and prohibit disclosure of detailed business information, intellectual property, trade secrets and PII.
Legitimate Programs - Unfortunately, SEO poisoning has placed some malicious webpages and downloads within search results. As with any application or program, check to ensure the source is legitimate.
Browser Extensions – “AI powered” browser extensions are everywhere, be sure to evaluate them thoroughly. These tools can be hiding malware, compromised or faked. A recent report examining 70 extensions available for the Google Chrome browser found 21% of them were collecting user data, including network monitoring, keystroke logging, and mouse position.
Check Data Output Carefully – AI tools are not infallible. Data output from AI programs may not be correct or could contain information already protected by intellectual property laws, trademarks or copywrite protections.
Although AI and Large Language Models have been around for decades, the rapid rise of ChatGPT has launched these generative technologies into mainstream, with little oversight and no specific laws to govern its use. Welcome to Wild West of AI – If you climb into the saddle, be ready to ride.