What HR can do to minimize the risk of fraudulent AI in the workplace

Applications of AI
Michael LewisLeave a Comment on What HR can do to minimize the risk of fraudulent AI in the workplace


The rise of artificial intelligence has brought both opportunities and challenges to the workplace. However, the growth trends of employees using free or unauthorized AI tools pose serious risks, ranging from security breaches to loss of trade secrets. Recent reports show that some workers are involved in AI in ways not permitted by their employers, highlighting the importance of establishing policies and protocols that allow for responsible and intentional adoption and use of AI in the workplace.

One report by Ivanti revealed:

  • 46% of office workers say that some or all of the AI tools they use in the workplace are not provided by their employers.
  • 38% of IT workers use unauthorized AI tools. and
  • 32% of people using AI generated in the workplace keep it a secret.

Another recent study from the Melbourne Business School found that among people using AI in the workplace,

  • 47% say they did so in a way that would be deemed inappropriate. and
  • 63% have seen other employees use AI inappropriately.

What's not going well?

With a report with the right name From salary to patentsHarmonic found that 8.5% of the prompts to common generation AI tools contain sensitive data. Those prompts:

  • 46% includes customer data such as billing and authentication data.
  • 27% includes employee data, such as pay data and employment records.
  • 15% includes legal and financial data such as sales pipeline data, investment portfolio data, and M&A materials. and
  • 12% includes security policies and reports, access keys and their own source code.
Laura Lemia, Schwabe
Co-authors Laura Lemia and Schwabe

Improper use of AI in the workplace can result in cybersecurity cases, threats to national security, liability for IP breach, and loss of IP protection.

for example:

  • Patent Qualification: Patent applications will be considered against previous art. Although the US Patent Act gives inventors a one-year grace period to file applications after the publication of the invention, careless disclosure of information via AI can be a “previous art” that prevents patent protection.
  • Trade Secrets: If an employee discloses confidential information, the company may lose its trade secret protection.
  • Copyright: Employees who have not fully assessed how AI tools work can inadvertently provide corporate information so that AI tool providers can train large-scale language models (LLMs). Furthermore, using copyrighted material as a prompt (or part of the prompt) often constitutes copyright infringement and produces output that is infringed in itself.
  • trademark: My trademark is the company's exclusive brand. However, improper use of a mark to refer to a category of goods or services will result in the mark becoming a generic and available to everyone. “Thermos”, “Aspirin” and “Escalator” are examples of common and current previous trademarks. As such, LLM continues to train the data it provides, it could produce weaker trademark results.

10 steps to minimise AI risk and encourage responsible AI adoption in the workplace

Jim Vana, Schwabe
Co-author Jim Vana
Photo by Stuart Isett
©2023 Stuart Isett. Unauthorized reproduction is prohibited.

In addition to applying technical solutions to address these risks, business leaders can implement a variety of organizational measures to support responsible recruitment of AI in the workplace. For example, your business is:

Adopts AI policy

Consider the following policies as a starting point:

  • No downloading and using free AI tools without approval is permitted.
  • Limits acceptable use cases for free AI tools.
  • We prohibit sharing confidential, own personal information or personal information with free AI tools.
  • Limit input, prompts, or free AI tools.
  • Limit the use and distribution of output from free AI tools.

Update an existing policy

These should include network security and procurement policies, taking into account the risks of AI. While reducing the risk of AI requires an interdisciplinary approach, teams that provide sensual support to an organization may be best positioned to find problems early.

Check your AI Tools Contract

AI developers often require disclosure of terms of use or other measures. This may require changes to your privacy statement or terms of use.

Training employees on responsible use of AI

Make sure your employees are informed of their AI policies, understand AI risks and best practices, and know how to report AI-related issues.

Develop a data classification strategy

Help employees find and label their own confidential, unique personal information. This increases the AI proficiency of each employee and reduces the company's exposure.

Designate employees who are permitted to use company-approved AI tools

Companies can create approval mechanisms that allow interested employees to obtain permission to use AI tools. This could lead to increased efficiency by narrowing down the pool of employees that require more comprehensive AI training.

Documentation is required

Individuals using AI tools should document their use, such as input and output. This information may be necessary to assess your IP risk or claim. Such data can also be used to assess AI policy compliance and identify new risks.

Implement the review process for publishing or broad distribution of AI-generated content

For example, checking the output for bias and accuracy reduces the likelihood of reputation issues related to the use of AI-generated content.

Continuously monitor AI use in the workplace

Monitoring may include regular reviews of AI tools contracts (which are often subject to change) or testing for accuracy, relevance, and bias of AI outputs. Companies can form oversight committees to ensure regular compliance and capture potential risks.

Implement an incident response plan that covers predictable AI scenarios.

For example, if an employee suspects or realizes that he has provided sensitive information to an AI tool, or if he is concerned about the tool, specify the employee's first contact.

The future of AI at work

Employers should adopt this initiative, actively communicate with employees about the risks and acceptable use of AI, adopt clear AI policies, update existing security protocols, and provide employee training. Such actions not only protect sensitive data, but also allow employees to innovate responsibly. By prioritizing preparation, organizations can benefit from AI benefits, from increasing productivity to cost savings, while reducing risk.

This article summarizes the legal aspects and aspects that are merely opinions of the author. This article does not constitute legal advice. You should contact your attorney for legal advice regarding your situation.

Schwabe Patent Attorney Jeff Liao contributed to this article.





Source link

Related Posts

AONDevices Announces Low-Power, Low-Latency, Customizable Edge AI Voice Extensions

Michael Lewis

New law: Illinois education measure focuses on immigrant rights and AI in the classroom

Michael Lewis

AI could run 1 million microbial experiments a year — ScienceDaily

Michael Lewis

Leave a Reply

Your email address will not be published. Required fields are marked *