Exposure
Revealing sensitive private information that people view as deeply primordial and have been socialized into concealing. AI creates new types of exposure risk through generative techniques that can reconstruct censored or redacted content, and through exposing inferred sensitive data, preferences, and intentions.
ENTITY
2 - AI
INTENT
2 - Unintentional
TIMING
3 - Other
Risk ID
mit1367
Domain lineage
2. Privacy & Security
2.1 > Compromise of privacy by leaking or correctly inferring sensitive information
Mitigation strategy
1. Mandatory Data Sanitization and Data Minimization: Enforce rigorous preprocessing pipelines to ensure that all training, fine-tuning, and inference data is subject to anonymization, robust redaction, and minimization. This foundational step is critical to prevent sensitive or confidential information from being incorporated into the model's knowledge base, mitigating the primary risk of exposure via data memorization or direct leakage.
2. Deployment of Privacy-Enhancing Technologies: Implement advanced technologies such as Differential Privacy (adding calibrated statistical noise to training data or model outputs) and cryptographic techniques like format-preserving encryption. These technical controls directly counter sophisticated threats, including model inversion and generative data reconstruction attacks, by making it computationally infeasible to infer or reconstruct individual sensitive data points.
3. Strict Access Control and Principle of Least Privilege: Establish and enforce a comprehensive Role-Based Access Control (RBAC) framework to limit access to model endpoints, training data, and associated logs to only authorized personnel. Furthermore, treat the AI system itself as a semi-trusted entity by applying the Principle of Least Privilege, thereby confining its runtime environment and preventing unauthorized access to external or restricted data sources.
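The first two mitigations above, as an added worked example (not part of this repository entry): a preprocessing step that drops fields outside an allowlist (minimization), replaces direct identifiers in free text with typed placeholders (redaction), and releases an aggregate count under the Laplace mechanism (differential privacy). The field names, regex patterns and sample records are constructed for illustration; the regexes are not a complete identifier detector.

```python
"""Added example: data minimization, redaction and a Laplace-mechanism
count over constructed support-ticket records before they reach a
training or fine-tuning corpus."""
import math
import random
import re
from typing import Iterable, List

# Constructed patterns for a few direct identifiers. Production pipelines
# layer dictionary- and model-based detection on top of regexes like these.
PII_PATTERNS = {
    "EMAIL": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "PHONE": re.compile(r"\b(?:\+?1[-. ]?)?\d{3}[-. ]?\d{3}[-. ]?\d{4}\b"),
}

# Assumed allowlist: only these fields may enter the corpus at all.
ALLOWED_FIELDS = {"ticket_id", "category", "body"}


def redact(text: str) -> str:
    """Replace each matched identifier with a typed placeholder token.
    Order matters: SSN runs before PHONE so the more specific pattern wins."""
    for label, pattern in PII_PATTERNS.items():
        text = pattern.sub(f"[{label}]", text)
    return text


def minimize(record: dict) -> dict:
    """Data minimization: keep allowlisted fields only, redact free text."""
    kept = {k: v for k, v in record.items() if k in ALLOWED_FIELDS}
    if "body" in kept:
        kept["body"] = redact(kept["body"])
    return kept


def sanitize(records: Iterable[dict]) -> List[dict]:
    """Run minimization and redaction over a batch of records."""
    return [minimize(r) for r in records]


def laplace_scale(sensitivity: float, epsilon: float) -> float:
    """Noise scale b = sensitivity / epsilon for the Laplace mechanism."""
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    return sensitivity / epsilon


def sample_laplace(scale: float, rng: random.Random) -> float:
    """Draw Laplace(0, scale) via inverse CDF; the stdlib has no laplace()."""
    u = rng.random() - 0.5
    while u == -0.5:  # avoid log(0) on the one excluded endpoint
        u = rng.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def dp_count(flags: Iterable[bool], epsilon: float, rng: random.Random) -> float:
    """Release a count under epsilon-differential privacy. Adding or removing
    one record changes a count by at most 1, so sensitivity is 1."""
    true_count = sum(1 for f in flags if f)
    return true_count + sample_laplace(laplace_scale(1.0, epsilon), rng)


# Constructed sample records; the names and numbers are made up.
SAMPLE_RECORDS = [
    {"ticket_id": 1, "customer_name": "Jane Doe", "category": "billing",
     "body": "Contact jane.doe@example.com or 555-123-4567, SSN 123-45-6789"},
    {"ticket_id": 2, "customer_name": "John Roe", "category": "billing",
     "body": "Refund not received for order 88213"},
    {"ticket_id": 3, "customer_name": "Ann Poe", "category": "login",
     "body": "Reset link went to ann@poe.example"},
]


def billing_count(epsilon: float, seed: int = 0) -> float:
    """Noisy number of billing tickets, suitable for release in a report."""
    rng = random.Random(seed)
    return dp_count((r["category"] == "billing" for r in SAMPLE_RECORDS), epsilon, rng)


if __name__ == "__main__":
    for row in sanitize(SAMPLE_RECORDS):
        print(row)
    print("billing tickets (eps=1.0):", round(billing_count(1.0), 2))
```

Redaction removes what a model could otherwise memorize verbatim; the Laplace count shows the trade-off the entry alludes to, since a smaller epsilon means a larger noise scale and a less precise released statistic.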