Lessons learned: Samsung's confidential data leak to ChatGPT

2023-06-01
Article Banner

Samsung employees accidentally leaked sensitive company information while using ChatGPT for help at work, including source code and a recording of a meeting.

The incidents raise concerns about the potential for similar leaks and possible violations of GDPR compliance.

Samsung has taken immediate action by limiting the ChatGPT upload capacity and considering building its own internal AI chatbot.

How did the leak happen?

Samsung allowed engineers to use ChatGPT to check source code.

Three separate instances of unintentional leaks of confidential information to ChatGPT were reported, including sharing confidential source code, code optimisation requests, and a recording of a meeting.

This breach highlights the risks associated with using AI tools like ChatGPT to handle sensitive information, as it may violate GDPR compliance.

Look at data through an ethical lens and learn how to manage large streams of data by taking our Data Ethics and AI Governance Frameworks course.

What are the implications?

This incident raises concerns about the use of AI tools such as ChatGPT to handle confidential information, as it may lead to data breaches and violation of privacy laws.

Experts have warned against the potential risks of sharing confidential legal documents or medical information for the purpose of summarising or analysing lengthy text.

Organisations should:

• Establish clear guidelines and protocols for the use of AI tools for handling sensitive information including a policy governing its specific use.
• Communicate the risks and limitations of AI systems as well as limit access based on data sensitivity
• Implement data privacy and security measures in compliance with relevant laws and regulations,
• Establish processes for reporting and addressing AI-related incidents.
• Ensure employee training and awareness programs

Find out how you can achieve a certification in Generative AI and Data Governance, by attending our upcoming webinar, “Navigating the World of AI with Strong Data Governance: Boost Your Career with Certification”.

Click to view bigger image

For access to news updates, blog articles, videos, events and free resources, please register for a complimentary DPEX Network community membership, and log in at dpexnetwork.org.

Unlock these benefits
benefit

Get access to news, enforcement cases, events, and actionable tips and guides

benefit

Get regular email updates and offers

benefit

Job opportunities, mentorship and career guidance

benefit

Exclusive access to Data Protection community - ask questions, network and share knowledge with peers and experts via WhatsApp and Linkedin

Sign up for a free membership
Topics
    Related Articles
    • Compliance Trends you better leave behind in 2019...

      Now that we are starting a new year, we can reflect on a few compliance trends t......

    • Insurance broker: 'low-risk' companies are attract......

      If you’re with an organisation in a low-risk sector, you can relax when it......

    • How can GRC (Governance, Risk and Compliance manag......

      What is required of organisations today?The organisation today faces many differ......

    DPEX Network is a Community Initiative of Straits Interactive.

    Copyright © Straits Interactive Pte Ltd. All Rights Reserved.

    All intellectual property rights to logos and brands featured on this website remain the property of their respective owners.

    Terms and Conditions|Privacy Policy