AI Security, Intellectual Property (IP) & Privacy Gaps – What is confidential to AI?

• Michael Simonetti, BSc BE MTE
• 9 months ago
• Categories: Advice, Articles & Events
• Tags: AI, AI Development, AI Security, Artificial Intelligence, Cyber Security, Enterprise, Security

Why AI doesn’t know what’s confidential — and how to protect your business from exposure

AI models are not inherently secure. They’re not aware of what’s private, regulated, or commercially sensitive. When you pass confidential information into ChatGPT or other large language models, they don’t have built-in filters to protect your IP, redact private user data, or comply with privacy frameworks like GDPR or HIPAA. That’s your job — and in regulated industries, failing to do so can trigger serious consequences.

Why This Is a Problem

LLMs don’t understand security boundaries. If you give them sensitive content — a legal contract, internal strategy doc, or a patient file — they’ll happily analyse, summarise, and even remix that data. Worse, if you don’t properly clean the inputs and outputs, the model can:

• Leak confidential info in its responses
• Include identifying data when responding to unrelated prompts
• Misclassify, hallucinate, or suggest actions that violate compliance rules

Does OpenAI Train on Your Data?

By default, yes — inputs into ChatGPT may be used to improve the model. This includes prompts and content submitted through the public web interface (chat.openai.com). However, API usage is opt-out by default — OpenAI states that API inputs are not used for training unless explicitly enabled.

Still, if your data is proprietary or sensitive, it’s safest to:

• Assume all external model use is untrusted
• Treat prompts as if you’re publishing to the internet

Mitigation Strategies

1. Redact and Mask Data Before Sending to the Model

Remove or replace identifiable fields before sending prompts;



user_prompt = “Customer John Smith at ACME Corp requested refund.”

safe_prompt = user_prompt.replace(“John Smith”, “[REDACTED_NAME]”).replace(“ACME Corp”, “[REDACTED_ORG]”)

Use token-based masking for more granular protection.

2. Hash Identifiable Fields (for reversible matching)

If you need to link back to original data later:

You can store this hash as a reference key — the model sees only anonymised input.

3. Use Internal LLMs or Isolated Environments

For highly sensitive work (IP, legal, R&D), consider:

• Running LLMs in a private cloud or on-prem
• Using open-source models like LLaMA or Mistral inside firewalled environments
• Wrapping models with policy enforcement, logging, and audit tools

4. Filter and Post-Process AI Output

Even if input is safe, the model can still generate unsafe responses. Use regex filters, classification models, or human review to scrub outputs before they’re exposed to users.

When This Matters Most

• Legal: Leaking case files or privileged communications
• Healthcare: Exposing patient info, violating healthcare codes
• Finance: Sharing transaction history, insider data
• Tech: Revealing product roadmaps, code, or strategies

Final Thought

LLMs don’t protect your data — they process what you give them. That means security and privacy need to be enforced before and after the model, not just inside it. With smart redaction, structured pipelines, and enterprise-grade access control, AI becomes powerful and safe.

Need help deploying AI without risking your IP? AndMine can help you design secure, scalable AI systems that protect your data and reputation.