Privacy
Users’ data, including location, personal information, and navigation trajectory, are considered as input for most data-driven machine learning methods.
ENTITY
2 - AI
INTENT
3 - Other
TIMING
1 - Pre-deployment
Risk ID
mit597
Domain lineage
2. Privacy & Security
2.1 > Compromise of privacy by leaking or correctly inferring sensitive information
Mitigation strategy
1. Implementation of Privacy Enhancing Technologies (PETs): Systematically integrate state-of-the-art PETs, such as **Differential Privacy** or **Synthetic Data Generation**, during the data acquisition and model training phases. This is designed to mathematically ensure or significantly increase the difficulty of membership inference and attribute inference attacks on the sensitive input data (location, personal information, navigation trajectory) before model deployment.
2. Rigorous Data Governance and Access Control: Establish and enforce a comprehensive data governance framework that mandates **data encryption** (at rest and in transit) for all sensitive user inputs and implements **strict Role-Based Access Control (RBAC)** across the entire AI development pipeline. This ensures that only authorized personnel have the minimum necessary access to the raw training data.
3. Adherence to Data Minimization Principles: Apply the principle of **data minimization** by restricting the collection and processing of user data (including location and navigation trajectory) to the absolute minimum requisite for the machine learning model's defined function. This structural reduction of the sensitive data footprint inherently lowers the surface area for a privacy compromise.