How to use AI without Compromising Data Privacy

Introduction

Our privacy, our data and information are one of the most precious things we have, although not everyone gives them their due value. Data protection is what is capable of protecting us, from the simplest information to confidential and personal information that we want to keep to ourselves.

Artificial intelligence is truly something new, but it has a major flaw: it is only capable of so much because of the amount of data it has access to, whether on the web or the information we feed it.

In this article we will talk about the privacy of our data and the use of artificial intelligence, and how we can manage things to get the best of both worlds.

Why it's dangerous to use LLMs without care

Those screens with a beautiful design from LLMs like Claude, ChatGPT, Gemini and other tools give a false sense of security, where everything we write there won't leave… But that's not quite how things work. They seem like a private conversation assistant.

What goes into those conversations, stays there. That is the reality.

When you insert files with personal details, sensitive medical and financial information, confidential work documents, you risk that same information being sent to third-party servers and reused to train the artificial intelligence.

Most AI companies that have conversational AI chatbots can, if stated in the privacy policy, use your conversations with the LLMs to improve future models. The information you share with it will serve as answers for other users.

This means that when you send a file from a professional or academic project you worked on, AI will reuse all the content in it and may reformulate it if someone needs that type of information. The work is no longer solely yours, and they can use all your research, writing and information, even without your authorisation.

You risk exposing unwanted personal data of yours or others, for example, when you share an email thread where other people's contacts are exposed, those contacts get stored in the LLM, and if someone with bad intentions wants to know the phone number of a person who appeared in one of your files, they can now have access to it, simply by asking the LLM. If this sounds bad, imagine when addresses, banking details and passwords are shared.

There is also a legal and corporate responsibility when you share information carelessly, especially regarding your employment. Sharing proprietary code, client data, or trade secrets with public LLMs may violate NDAs, GDPR, HIPAA, or company policy, and that data easily becomes accessible to other people.

What to do?

We have already understood the risks we are facing that can jeopardise our data privacy. In what ways can we protect ourselves and be more cautious in our day-to-day use of artificial intelligence? A list of the most important factors to mention:

Anonymise before you paste

Don't let the raw file be explicit to the artificial intelligence, you can make a change as simple as replacing the real names of your client companies with just "Company A", "Company B". This protects all the data you will discuss going forward and you can still get the same output you need in most cases.

Read the privacy policy

Not sure whether your data, files and conversations are being used to train the artificial intelligence? Read the privacy policy of the tool you are using, it is required by law to transparently explain how it uses the information of its users and clients.

Use enterprise tiers for work

Many tools that use artificial intelligence as a resource offer various paid plans, and depending on each tool, the enterprise paid plan, which is normally always the most expensive, and designed for companies and large teams, may have a privacy policy adapted for businesses handling sensitive data. Although this tends to be the case, always verify with the service or tool provider to be fully certain that the data policy is adapted and more secure.

Run sensitive tasks locally

There are already applications that can run artificial intelligence (the LLMs) locally on your computer, without sending your information to any company's cloud. Examples include applications such as Ollama, LM Studio, Jan, and many others, which download LLMs and run an internal process on your own computer's local server.

Disable chat history when possible

Throughout all the conversations you have with ChatGPT or any other LLM, they store everything they know about you in order to give you a more accurate response by reviewing your entire history, especially if they know your medical questions, financial details, relationship problems, and work matters. In the short term this is useful, but it means all that data gets stored long-term within their servers, and they end up knowing quite a lot about you, perhaps even too much.

Strong data governance

Data governance is a set of policies and processes that aims to keep data and information more secure throughout their lifecycle. It starts by first assessing how data flows within the company's processes, then understanding the security, architecture, integration and management of the most important or sensitive data. After a full understanding and analysis, a strategy is created to be implemented in the company's processes, defining rules, policies, monitoring and consistency.

Encrypt whenever possible

At any stage of your company's business processes, whenever possible, encrypt all files, data and information. Not only for protection against artificial intelligence, but also against cyberattacks and data breaches.

Establish team policies

We should use artificial intelligence as a partner, a tool, it is something that increasingly helps us generate more productivity. While that is true, when it comes to data privacy, either everything is being controlled on a local server, or policies need to be defined for teams. It must be established what can and cannot be shared with artificial intelligence, depending on each department: a marketing manager can share a social media post with an LLM without major repercussions, but an accountant cannot ask for advice on financial statements and other documents containing sensitive information.

Conclusion

Artificial intelligence is not a villain, it doesn't mean it is something bad or that it shouldn't be used. The question here is how to use it in the best way. When the internet emerged, one of the greatest revolutions of the century, there was and still is a great deal of this conversation about data protection and privacy, and that doesn't mean we shouldn't use it.

The best way to move forward after reading this article is to try to adopt small habits that can protect our data and keep us as safe as possible, and with caution. Let's use artificial intelligence, safely.

About Loni Technology

Loni Technology is an artificial intelligence automation agency that aims to help companies automate processes and increase their productivity.

Looking for an AI Privacy ready for your automations? You are in the right place.