Employers warned that generative AI covered by New Zealand's Privacy Act
The Office of the Privacy Commissioner has issued a warning to businesses on the potential consequences of using generative AI following their rapid rise across the world.
In a new guidance resource, the privacy commissioner warned about the following prominent generative AI tools including:
"I would expect all agencies using systems that can take the personal information of New Zealanders to create new content to be thinking about the consequences of using generative AI before they start," said Privacy Commissioner Michael Webster in a statement published on Scoop.
According to the commissioner, generative AI's use of personal information is regulated under the Privacy Act.
"Generative AI is covered by the Privacy Act 2020 and my Office will be working to ensure that is being complied with; we will investigate where appropriate," Webster said.
The use of generative AI imposes the following potential privacy risks, it said:
It is the responsibility of agencies to comply with the requirements of the Privacy Act, according to the office. To do so, they are expected to carry out the following measures before using generative AI tools:
"I would expect agencies to do their due diligence and privacy analysis to assess how they comply with the law before stepping into using generative AI," Webster said.
The guidance came as more employers around the world issue guidance on generative AI tools, such as ChatGPT, amid security concerns on confidential data.
Early this year, Samsung suffered from information leakage after some employees encoded confidential sources in ChatGPT, prompting the company to temporarily ban its use for staff.
Apple was also recently reported to have banned ChatGPT, as well as Amazon, Verizon, Citigroup, Goldman Sachs, Wells Fargo, and Accenture.