The dark side of AI data privacy: What you need to know to stay secure

The era of artificial intelligence has arrived, and it is our responsibility as users, and especially as cybersecurity and privacy professionals, to govern its utilization to protect data.

AI refers to the simulation of human intelligence in machines, which are programmed to think and learn like humans. Examples of AI systems include:

• Generative Learning Models: Uses patterns from datasets to create new content, texts, audio, etc. Example: ChatGPT.
• Machine Learning: Learns from data to analyze, self-improve, enhance capabilities, and automate action. Example: Amazon Alexa.
• Robotics: Perceives objects and images in the physical world. Example: Self-driving cars.
• Personalization Systems: Personalizes and tailors content based on user preferences or behaviors. Example: Instagram Ads.

The development, acquisition, and use of AI systems create unique risks to sensitive data. While many data privacy risks are similar (e.g., loss of data confidentiality), the use of AI presents unique attack vectors, threat actors (both malicious and non-malicious), as well as threat actor capabilities, motivations, etc.

This blog post explores three risks unique to the use of AI, as well as recommendations for risk mitigation and AI program governance to measure and manage those risks.

Three key AI data privacy risks:

1. Data leakage or data breach

The loss of confidentiality of sensitive or personally identifiable data (PII) is probably the most well-known, well-documented, and impactful risk. While data leakage is impactful from any system, it can be more significant from an AI system due to the volume of datasets and the data it generates. As part of training AI models or the inherent function of the AI model, vast amounts of personal data may be used, processed, or created, resulting in a risk of data leakage.

Let's consider an AI-powered healthcare platform specializing in personalized genetic analysis and medical recommendations based on individual DNA data. The platform collects highly sensitive personal data, including medical history, genetic sequences, and medical diagnoses, to generate personalized healthcare predictions, such as predispositions to diseases, potential health risks, and medication and lifestyle recommendations. In addition to the risk of identity theft, a breach of this data could result in targeted health-related scams, modifications to insurance coverage, implications to employment status, and reputational damage if it falls into the wrong hands.

While this sort of breach can arise from any number of system vulnerabilities, an organization must take a layered approach to security to mitigate these risks. Key cybersecurity strategies include:

• Strong encryption methods to protect sensitive data in both transit and at risk.
• Strict access controls and authentication methods.
• Regular red team exercises that utilize adversarial techniques to attempt to breach the AI system(s). These exercises aim to test and improve an organization’s resilience and mitigation strategies against these attacks.

2. Data bias or fairness

In the world of data privacy, fairness is handling personal data in reasonable ways that don't have unjustified adverse effects. In the world of AI, this can become a significant risk where automatic decision-making is involved. As part of the training model, datasets may be inherently biased, thus training the model to make biased decisions.

Let’s consider an AI-powered recruiting tool. The tool is designed to streamline the hiring process by filtering resumes for the best candidates. Due to the historical biases in the training datasets, the tool shows a preference for candidates from certain cities/states and universities or penalizes candidates with non-traditional career paths. As a result, qualified candidates may be systematically overlooked, hindering the organization’s ability to achieve a diverse workforce and further perpetuating biases. From the candidates’ perspective, they may face unintentional discrimination based on their gender, race, and education and face social and economic consequences.

One way to combat bias and unfairness is to use synthetic data in training models.

Synthetic data is artificial data that is machine-generated entirely from scratch. It retains the statistical properties of original data, allowing for a full spectrum of diversity, but has no identifiable properties to an individual. It can greatly benefit industries that face heavy regulations, deal with vast amounts of sensitive data, and require the speed and flexibility of diverse data sets. Legacy data falls short in providing such advantages. Regardless of whether synthetic data is utilized in the AI model, organizations must regularly evaluate datasets for bias, noise, and general data hygiene. This process must be part of the organization’s AI governance program to manage ongoing AI risks.

3. Data Overcollection

Users may not be aware of which data and how much is collected by AI systems. For the AI system to make faster and smarter decisions, it may intentionally or unintentionally collect more data than is originally necessary for its function.

Let’s consider an IoT AI system that controls the lighting and temperature in your home. The system's primary functionality is to learn user habits to automatically raise and lower lighting and temperature for the best in-home experience. To successfully provide this functionality, the AI system continuously records audio and video data in your home, capturing every conversation and activity. This over-collection of data can infringe on the rights and freedoms of an individual’s privacy by creating a detailed profile of private lives without their explicit consent of knowledge.

Overcollection of data is a significant privacy risk that can have detrimental consequences for individuals.

Organizations must have a data inventory that defines the data type collected and the legal basis for processing. Suppose the data collected does not directly correlate to a legal basis or core functionality of the system. In that case, the organization must obtain additional consent from the individual prior to collection and processing.

To develop a robust data privacy program, consider these additional mitigation techniques:

• Data minimization
• Data anonymization
• Privacy impact assessments

Successful AI governance relies on a cross-functional team (e.g., legal, compliance, risk, IT, data scientists), comprehensive AI policies (e.g., acceptable use, SDLC), and continuous monitoring (e.g., risk assessments, penetration testing) to analyze AI’s impact on data privacy and adjust the organization’s cybersecurity strategy, processes, and controls accordingly.

By incorporating a combination of technical measures such as red teaming and penetration testing, along with non-technical practices like risk assessments and policy development, your cybersecurity program will be well on its way to effectively mitigating the data security risks associated with AI.

As the demand for AI solutions skyrockets, Coalfire provides an AI Risk Management solution with a programmatic approach to governing, mapping, measuring, and managing risks. Along with free AI risk management framework templates, the solution overlays AI governance with the organization’s current privacy and risk management program to ensure that risk identification, measurement, and management are fully integrated into business operations.

Contact Coalfire to receive free AI RMF templates and schedule an AI RMF assessment.