AI Security, Intellectual Property (IP) & Privacy Gaps – What is confidential to AI?

31 Oct. 2024

AI Security and IP

Why AI doesn’t know what’s confidential — and how to protect your business from exposure

AI models are not inherently secure. They’re not aware of what’s private, regulated, or commercially sensitive. When you pass confidential information into ChatGPT or other large language models, they don’t have built-in filters to protect your IP, redact private user data, or comply with privacy frameworks like GDPR or HIPAA. That’s your job — and in regulated industries, failing to do so can trigger serious consequences.

Why This Is a Problem

LLMs don’t understand security boundaries. If you give them sensitive content — a legal contract, internal strategy doc, or a patient file — they’ll happily analyse, summarise, and even remix that data. Worse, if you don’t properly clean the inputs and outputs, the model can:

  • Leak confidential info in its responses
  • Include identifying data when responding to unrelated prompts
  • Misclassify, hallucinate, or suggest actions that violate compliance rules

Does OpenAI Train on Your Data?

By default, yes — inputs into ChatGPT may be used to improve the model. This includes prompts and content submitted through the public web interface (chat.openai.com). However, API usage is opted out by default: OpenAI states that API inputs are not used for training unless explicitly enabled.

Still, if your data is proprietary or sensitive, it’s safest to:

  • Assume all external model use is untrusted
  • Treat prompts as if you’re publishing to the internet

Mitigation Strategies

1. Redact and Mask Data Before Sending to the Model

Remove or replace identifiable fields before sending prompts:

# Replace known identifying values with placeholders before the prompt leaves your system
user_prompt = "Customer John Smith at ACME Corp requested refund."
safe_prompt = user_prompt.replace("John Smith", "[REDACTED_NAME]").replace("ACME Corp", "[REDACTED_ORG]")

Use token-based masking for more granular protection.

2. Hash Identifiable Fields (for reversible matching)

If you need to link back to original data later:

You can store this hash as a reference key — the model sees only anonymised input.
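An added example (not code from the original article) combining the token-based masking of step 1 with the hashed reference key of step 2. A hash is one-way, so linking back goes through a token-to-original lookup kept on your side; the key, the function names and the extended sample sentence are assumptions made for illustration.

```python
import hashlib
import hmac
import re

# Assumption: demo key only. Load the real key from a secrets manager.
PSEUDONYM_KEY = b"constructed-demo-key"

def token_for(value: str, kind: str) -> str:
    """Keyed hash (HMAC-SHA256) so tokens are stable but not guessable
    by hashing a list of likely names without the key."""
    msg = f"{kind}:{value.lower()}".encode()
    digest = hmac.new(PSEUDONYM_KEY, msg, hashlib.sha256).hexdigest()
    return f"[{kind}_{digest[:12]}]"

def pseudonymise(prompt: str, fields: dict) -> tuple:
    """fields maps sensitive value -> kind, e.g. {"John Smith": "NAME"}.
    Returns (safe_prompt, vault); the vault (token -> original) never
    leaves your systems."""
    if not fields:
        return prompt, {}
    kinds = {value.lower(): kind for value, kind in fields.items()}
    # Longest value first so "John Smith" wins over a bare "John"; a single
    # pass means issued tokens are never re-scanned.
    ordered = sorted(fields, key=len, reverse=True)
    pattern = re.compile("|".join(map(re.escape, ordered)), re.IGNORECASE)
    vault = {}

    def swap(match):
        original = match.group(0)
        token = token_for(original, kinds[original.lower()])
        vault.setdefault(token, original)
        return token

    return pattern.sub(swap, prompt), vault

def reidentify(text: str, vault: dict) -> str:
    """Restore originals in a model response, only for tokens we issued."""
    for token, original in vault.items():
        text = text.replace(token, original)
    return text

# Constructed sample, extending the article's example sentence.
user_prompt = ("Customer John Smith at ACME Corp requested refund. "
               "john smith called twice.")
safe_prompt, vault = pseudonymise(
    user_prompt, {"John Smith": "NAME", "ACME Corp": "ORG"})
```

Both spellings of the name map to the same token, so the model can still reason about "the same customer" without seeing who it is.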

3. Use Internal LLMs or Isolated Environments

For highly sensitive work (IP, legal, R&D), consider:

  • Running LLMs in a private cloud or on-prem
  • Using open-source models like LLaMA or Mistral inside firewalled environments
  • Wrapping models with policy enforcement, logging, and audit tools

4. Filter and Post-Process AI Output

Even if input is safe, the model can still generate unsafe responses. Use regex filters, classification models, or human review to scrub outputs before they’re exposed to users.
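An added example (not from the original article) of a regex output filter that feeds a human-review gate. The two patterns, the Luhn check used to cut false positives on card-like numbers, the function names and the sample response are assumptions; a real deployment would cover the data types that matter to it.

```python
import re

EMAIL = re.compile(r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b")
# 13 to 19 digits, optionally separated by spaces or dashes.
CARD = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")

def luhn_ok(digits: str) -> bool:
    """Checksum used by payment card numbers; filters out order ids etc."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def scrub_output(text: str):
    """Return (scrubbed_text, findings) for one model response."""
    findings = []

    def card_sub(match):
        digits = re.sub(r"\D", "", match.group(0))
        if luhn_ok(digits):
            findings.append("card")
            return "[REDACTED_CARD]"
        return match.group(0)  # long number that is not a card: keep it

    def email_sub(match):
        findings.append("email")
        return "[REDACTED_EMAIL]"

    text = CARD.sub(card_sub, text)
    text = EMAIL.sub(email_sub, text)
    return text, findings

def gate(text: str):
    """Policy step: anything that needed scrubbing goes to human review."""
    clean, findings = scrub_output(text)
    return ("review" if findings else "allow"), clean

# Constructed model response; 4111 1111 1111 1111 is a standard test number.
SAMPLE_OUTPUT = ("Refund sent to jane.doe@example.com on card "
                 "4111 1111 1111 1111, order 1234567890123.")
action, clean_output = gate(SAMPLE_OUTPUT)
```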

When This Matters Most

  • Legal: Leaking case files or privileged communications
  • Healthcare: Exposing patient info, violating healthcare codes
  • Finance: Sharing transaction history, insider data
  • Tech: Revealing product roadmaps, code, or strategies

Final Thought

LLMs don’t protect your data — they process what you give them. That means security and privacy need to be enforced before and after the model, not just inside it. With smart redaction, structured pipelines, and enterprise-grade access control, AI becomes powerful and safe.

Need help deploying AI without risking your IP? AndMine can help you design secure, scalable AI systems that protect your data and reputation.

Posted by: Michael Simonetti, BSc BE MTE
