41

Are Your Private Conversations Fueling AI? The Cost of AI

With the rapid evolution of Artificial Intelligence (AI) and large language models (LLMs), data privacy has become one of the most pressing concerns for individuals, businesses, and developers alike. The convenience and power of AI systems, ability to understand and generate human-like text, and answer complex questions does not come without a price to pay. The question looms, is my confidential data being used to train these systems? And worse, is someone else reading it?

Eyes everywhere

Working At The Speed of Prompts

Artificial Intelligence has changed industries by automating tasks and uncovering insights that were once beyond reach. Today, businesses are dependent on AI to analyze vast datasets, predict customer behavior, and even forecast market trends with a level of speed and precision unattainable by human efforts.

  • According to NVIDIA's fourth annual report, 91% of financial services companies are either assessing AI or already using it in production.

  • Meta cut 21,000 jobs and saw a 201% net income increase by investing in operational efficiency using AI.

  • Axis Bank's AI voice assistant AXAA handles 15% of calls with 90% plus accuracy, boosting customer service efficiency.

  • Chipotle managed to reclaim over 70% of lost revenue using AI-driven analytics.

  • Carvana resulted in $10+ million in incremental business from cost optimizations.

However, despite AI's extensive capabilities, it is still possible to bypass built-in safety measures and content guidelines through carefully crafted prompts.

Jailbreaking ChatGPT

But At What Cost?

GenAI models are not good at keeping secrets. While AI models have groundbreaking capabilities, they are also susceptible to adversarial attacks and manipulation. Jailbreaking and prompt injection are two prominent threats to GenAI models and applications built using them.

Rule-based defenses can be easily defeated

  • Early last year, a hacker gained access to the internal messaging systems of OpenAI, and stole details about the design of the ChatGPT's A.I. technologies.

  • In June 2023, Microsoft's AI research team accidentally exposed 38TB of sensitive data, including passwords and internal messages, while uploading training data to GitHub.

  • There have been numerous other instances of significant data breaches reported in media, averaging over 3 every month.

From a Venture Capital perspective, platforms no longer need traditional subscription models for monetization, as long as they can capture valuable data that can be repurposed for AI. Reddit, for example, has adopted this approach.

Navigating Privacy

Governments and regulatory bodies are starting to keep pace with the rapid advancement of AI. In the European Union, for example, the General Data Protection Regulation (GDPR) enforces strict rules on handling personal data, requiring explicit consent before data can be used for purposes beyond its original intent.

In the U.S., data privacy regulations differ by state, but there is a growing emphasis on transparency and user control over personal data. For instance, California's Consumer Privacy Act (CCPA) requires companies to disclose how they use personal data and grants consumers the right to opt out of data sales or sharing.

For developers, adopting privacy-first principles in AI development goes beyond mere compliance - it's about fostering trust. Users are more inclined to engage with platforms that prioritize data protection, especially when dealing with sensitive or confidential information.

The risk of AI systems spewing out in production what they have learned during training is not something organizations should expose themselves to. The open sourcing of models and on-device deployment introduce both new challenges and opportunities for enhancing data privacy.

Local Execution

Local execution, where AI models run directly on user devices (laptops, smartphones), offers one of the highest levels of privacy. Since data never leaves the device, the risk of unauthorized access, data breaches, or external tracking is significantly minimized. This is particularly beneficial for sensitive applications like healthcare diagnostics. Additionally, these applications can function with poor or no internet connectivity.

There are a lot of great tools and AI libraries available which make it possible to leverage the benefits of local execution with minimal efforts. If you're interested in exploring, check out PrivateGPT and Ollama to start with.

Apple has also been pushing for offline language models with OpenELM, Neural Engine, and Core ML frameworks. Google has been chasing after on-device GenAI applications with their Gemini Nano. Qualcomm pursues local AI capabilities with AI Hub and their open-source AI models.

These tools have enabled anyone and everyone to use AI anywhere, anytime. Local execution is very powerful with a lot of functionality and security benefits. However, there is a catch - not really everyone can run these models as of today due to the limitations of computer resources on consumer devices.

In-House Development

An in-house AI system operates within the company's own infrastructure, often on-premises or in a private cloud. This approach gives companies complete control over data handling and security, with fewer intermediaries involved.

  • IBM uses its own LLMs, named Granite, alongside open-source models for applications like AskHR, which assists employees with HR-related inquiries.

  • Intuit integrates open-source LLMs into its products like TurboTax, QuickBooks, and Mailchimp to enhance customer support and task completion.

  • Shopify Sidekick is an AI-powered tool that utilizes Llama 2 to help small business owners automate various tasks for managing their commerce sites.

However, this approach demands a substantial investment of time and money, making it viable primarily for large enterprises with dedicated tech teams capable of handling the development.

Our Offering

At AetheriumAI, we have chosen to provide in-house-level data privacy by leveraging the power of LlamaCPP. Each user is assigned a separate instance of Qwen (the open-source model powering our document search). You can upload your documents to enable the model to access them and run queries.

Your data is cleared before anyone else can use the Qwen instance. Don't believe me - You can find the /clear call in your Browser Inspector's Network Tab.

Let us know if you want us to write more about its Retrieval Augmented Generation (RAG) implementation or technical details.

Closure

Privacy-preserving AI is not merely about regulation compliance; it's about sustaining user trust and navigating a competitive landscape where consumers increasingly value the security of their data. By prioritizing transparency and ethical design, we can build a future where AI benefits society without compromising the very data that fuels it.