In recent years, AI software and services have developed rapidly, impacting governments, industries, academia, and research sectors around the world. Since the release of ChatGPT at the end of 2022, it has sparked a global wave of attention and is regarded as a major breakthrough in artificial intelligence.

 Utilizing generative AI software and services to assist in business operations or service delivery can enhance work efficiency and foster creativity. However, it can also inadvertently lead to risks such as privacy breaches, infringement of intellectual property rights, or the generation of false information.\

• Privacy Leakage
  Collecting user input content or scraping webpage text as training data

• IPR/HR/TS Infringement
  AI software and services extensively collect and utilize the resultsgenerated from training data

• Non-existent information
  Limited by the quality and quantity of training data,it may generate both true and false information.

How to Prevent It?

1. Review the platform and contract first

   Check the company and privacy policy, review data retention andtransfers, sign DPA/NDA, and use only approved platforms and APIs.

2. Three Principles of Use

   Minimize and de-identify data; never input personal, account, government, orresearch information.Do not share unverifiedAI-generated content externally.

3. Proper Technical Controls in Place
   Scanning and isolation; I/O gateways for PIIcentralized keys, API whitelists, and log monitoring.

4. 3 Steps Rule
   Isolate and preserve evidence →report and revoke/reset→ audit logs, notify, and patch.