Friday, December 1, 2023

How To Be AI Safe This Holiday Season - 4 Golden Tips

 


As we now start the last month of 2023, the one thing that is probably hot on your minds is the holiday shopping, and getting gifts for families and friends.  Usually electronic items are at the top of the list, but this time, you need to be especially careful, given the boom in AI and ML.  As I have written about this before, while these technologies do have great advantages, they also pose a grave security risk also.

So, to keep your loved ones and even your business and employees safe, here are some quick tips to keep in mind as you go amuck with your shopping:

1)     Avoid free products:

Yes, we all like free stuff.  But with AI, play it safe here.  A lot of the new products and services that are coming out are still new, and in fact, many are still beta versions.  However, these vendors need test data in order to train their AI models.  While they could invite people to be guinea pigs for this, a popular route that they choose is to offer you a free AI product.  But be careful here.  This is probably a tactic to sucker you in to be one of those guinea pigs with notifying you ahead of time, especially if they do not say how your data will be collected and used.  Just remember that old adage here:  “You get what you pay for”.

2)     Review your agreement:

Technology vendors are notorious for having End User Licensing Agreements (also known as “EULAs”) that are long and hard to decipher.  They realize that many customers won’t have the patience to read through all of the legalese, and they will just go ahead and sign.  But when it comes to AI products, have your lawyer look over the EULA first.  It needs to spell out your data privacy rights, and how you can opt out of stuff.  If these clauses are not there, then this is a huge, red flag.

3)     Make sure your privacy is protected:

You may have heard of regulations like the GDPR and the CCPA.  These are data privacy laws that are meant to protect your private information.  But what most people do not know is that they don’t offer blanket coverage to everybody.  For the example, the CCPA applies mostly to people who live in California, while the GDPR applies to businesses that conduct transactions mostly in the EU.  Therefore, if you really want to make sure that your getting the privacy you want, then consider upgrading to an enterprise version of the AI product and/or service that you want to get.  This will cost some extra money, but at least you know that the vendor will be protecting privacy rights, and if they are violated, you will be afforded legal recourse.

4)     Confirm the vendors:

During this time, you need to be especially careful of scamming, especially those of Phishing emails and robocalls.  Before you purchase any AI product and/or service, always confirm that the vendor is for real.  This can easily be done by contacting your local Better Business Bureau, and doing some Google searches.  In this regard, pay careful attention to customer reviews.  Of course, there will be some negative ones, but if the good does not outweigh the bad, this should yet be another huge, red flag to you.

My Thoughts On This:

The bottom line is that AI is going to be with us for a long time to come.  It’s not going to disappear in any way, shape, or form.  While it can be exciting to use and give as a gift, it’s still very new to most people.  In fact, in the business world, company adoption of it is going to rise by at least 66% in the coming year.  (SOURCE:  https://www.nngroup.com/articles/ai-tools-productivity-gains/)

While nobody is immune to a threat vector from an AI product or service, the above tips should at least help mitigate those risks to a certain degree. Just pay extra careful attention to where you are shopping this holiday season, and you should be just fine for a great time.

 

No comments:

Post a Comment

How To Launch A Better Penetration Test In 2025: 4 Golden Tips

  In my past 16+ years as a tech writer, one of the themes that I have written a lot about is Penetration Testing.   I have written man blog...