At the dawn of the cloud revolution, which saw enterprises move their data from on premise to the cloud, Amazon, Google and Microsoft succeeded at least in part because of their attention to security as a fundamental concern. No large-scale customers would even consider working with a cloud company that wasn’t SOC2 certified.
Today, another generational transformation is taking place, with 65% of workers already saying they use AI on a daily basis. Large language models (LLMs) such as ChatGPT will likely upend business in the same way cloud computing and SaaS subscription models did once before.
Yet again, with this nascent technology comes well-earned skepticism. LLMs risk “hallucinating” fabricated information, sharing real information incorrectly, and retaining sensitive company information fed to it by uninformed employees.
Any industry that LLM touches will require an enormous level of trust between aspiring service providers and their B2B clients, who are ultimately those bearing the risk of poor performance. They’ll want to peer into your reputation, data integrity, security, and certifications. Providers that take active steps to reduce the potential for LLM “randomness” and build the most trust will be outsized winners.
For now, there are no regulating bodies that can give you a “trustworthy” stamp of approval to show off to potential clients. However, here are ways your generative AI organization can build as an open book and thus build trust with potential customers.
Seek certifications where you can and support regulations
Although there are currently no specific certifications around data security in generative AI, it will only help your credibility to obtain as many adjacent certifications as possible, like SOC2 compliance, the ISO/IEC 27001 standard, and GDPR (General Data Protection Regulation) certification.
You also want to be up-to-date on any data privacy regulations, which differ regionally. For example, when Meta recently released its Twitter competitor Threads, it was barred from launching in the EU due to concerns over the legality of its data tracking and profiling practices.
Providers that take active steps to reduce the potential for LLM “randomness” and build the most trust will be outsized winners.
As you’re forging a brand-new path in an emerging niche, you may also be in a position to help form regulations. Unlike Big Tech advancements of the past, organizations like the FTC are moving far more quickly to investigate the safety of generative AI platforms.
While you may not be shaking hands with global heads of state like Sam Altman, consider reaching out to local politicians and committee members to offer your expertise and collaboration. By demonstrating your willingness to create guardrails, you’re indicating you only want the best for those you intend to serve.
Set your own safety benchmarks and publish your journey
In the absence of official regulations, you should be setting your own benchmarks for safety. Create a roadmap with milestones that you consider proof of trustworthiness. This may include things like setting up a quality assurance framework, achieving a certain level of encryption, or running a number of tests.