Slack has come under fire for using customer data to train its global AI models and generative AI add-on. Sure, requiring users to manually unsubscribe via email seems sneaky (isn’t email avoidance the whole point of Slack?), but the messaging app doesn’t bear all the responsibility here. The most popular workplace apps have all integrated AI into their products, including Slack AI, Jira AI-Powered Virtual Agent, and Gemini for Google Workspace. Anyone using technology today – especially for work – should assume that their data will be used to train AI. Therefore, it is up to individuals and companies to prevent sensitive data from being shared with third-party apps. Anything less is naive and risky.
Co-founder and CTO of Nightfall AI.
Trust no one
There’s a valid argument circulating online that Slack’s opt-out policy sets a dangerous precedent for other SaaS apps to automatically opt customers in to sharing data with AI models and LLMs. Regulators are likely to investigate, especially for companies operating in locations protected by the General Data Protection Regulation (but not the California Consumer Privacy Act, which allows companies to process personal data without consent until a user opts out). Until then, anyone using AI – more than 40% of enterprises, by IBM’s estimates – should assume that shared information will be used to train models.
We could dive into the ethics of training AI on individuals’ billion-dollar business ideas that come to life in Slack threads, but someone on the Internet has probably already written that. Instead, let’s focus on what really matters: whether or not Slack’s AI models are trained on users’ sensitive data. This means personally identifiable information (PII) such as social security numbers, names, email addresses, and phone numbers; personal health information (PHI); or secrets and credentials that could reveal PII, PHI and other valuable company and customer information. This is important because training AI on this information poses risks of sensitive data exposure, rapid injection attacks, model abuse, and more. And those are the things that can make or break a company.
While Slack’s updated privacy principles state, “For any model that will be used broadly by all of our customers, we do not build or train those models in a way that enables them to learn, remember, or reproduce any part of customer data,” companies must ensure that their sensitive data does not come into contact with third-party AI models. Here’s how.
Adopt a model of shared responsibility
This isn’t the first time the question of who is responsible for security, the service provider or the technology consumer, has come up. In fact, it was such a hot topic during the mass migration to the cloud that the National Institute of Standards and Technology (NIST) came up with an answer. It’s a framework that clearly defines the responsibilities of cloud service providers (CSPs) and cloud consumers to ensure that both parties contribute to security and compliance. It’s called the shared responsibility model in the cloud, and it’s worked well for more than a decade.
The same shared responsibility model can be applied if you replace the CSP with Slack (or any other SaaS app that uses AI). Slack must be responsible for securing the underlying infrastructure, platform, and services, and Slack customers must be responsible for securing their sensitive company and customer data. In this model, here are some ways Slack customers can ensure sensitive data isn’t used to train Slack’s AI.
– Use a human firewall. Employees are the first line of defense against sensitive data entering a third-party application like Slack. While regular security training is important, it is best combined with a solution that identifies potential policy violations and has employees delete or encrypt sensitive data before sharing it. – Filter inputs. The best way to prevent sensitive data from being fed into Slack’s AI model is not to share it with Slack in the first place. Companies should use a solution that intercepts outgoing Slack messages and cleans or encrypts sensitive data before sharing it with Slack. – Never share secrets, keys or login details on Slack. At a minimum, this information should be encrypted and stored and shared using a password manager or vault. Additionally, companies should use the above tips for using a human firewall and input filtering to ensure these keys to the kingdom aren’t accidentally shared via Slack (or email, or GitHub – we’ve seen how that goes ).
Perhaps the Hacker News community is right to be angry that they didn’t know they had to opt out of using Slack by having their data used to train their global AI models and Slack AI. And for those who opt out now, there are still many unanswered questions, such as whether or not their data will be retroactively deleted from Slack models and what implications this may have for compliance. This has certainly sparked discussions about transparency around AI model training in meeting rooms or Slack channels (too soon?) across the industry, and we’ll likely see more companies update their privacy policies in the coming months to prevent similar user responses . Slack has been seen this week.
Whatever that policy says, the best way to prevent AI training on your sensitive data is to prevent it from being exposed in the first place.
We have highlighted the best encryption software for you.
This article was produced as part of Ny BreakingPro’s Expert Insights channel, where we profile the best and brightest minds in today’s technology industry. The views expressed here are those of the author and are not necessarily those of Ny BreakingPro or Future plc. If you are interested in contributing, you can read more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro