KnacktoHack

Overview

The adoption of Artificial Intelligence (AI), particularly Generative AI, within organizations has many potential benefits, but it's critical for these advancements and adoption to occur responsibly and safely to avoid harmful outcomes. Organizations need a solution to monitor and control AI usage, such as the use of ChatGPT, to prevent misuse, ensure compliance, and mitigate potential risks.

Task

Develop a solution to ensure the responsible use of Generative AI, specifically OpenAI's ChatGPT, within organizational boundaries, policies, laws, and regulations.

Your solution must:

1. Automatically create monitoring rules
2. Provide risk-based alerting and prevention mechanisms
3. Enable real-time monitoring and alerting of user interactions with ChatGPT

Phases

This challenge is divided into two phases:

• Phase 1: Idea Phase
  • Here you are required to share your approach to solving the task.
  • Share your idea/approach/solution in a PPT
  • Be as detailed and descriptive as you can. Include the following:
    • Description of your approach
    • How this approach will solve the problem statement
    • How will your approach be built into a prototype
• Phase 2: Prototype Phase
  • Here you are required to embed automatically generated rules into open source tools like Chat GPT. When prompted with risky queries or information, it should generate an alert automatically.
  • We have shared documents that you can refer to while building your prototype. These include:
    • EU AI regulations
    • IT Acts
    • General compliance documents
    • GDPR
    • Whitepapers on the safe adoption of GenAI and other related topics

Key Features to include in your Solution

• Automated rule generation:
  • Develop a rule-generation engine capable of scanning documents containing organizational policies, regional laws, and regulations.
  • Automatically create monitoring rules based on the scanned documents to identify risky behavior and responses.
• Real-time monitoring:
  • Implement real-time monitoring of user interactions with ChatGPT using the generated rules.
  • Ensure minimal latency in responses from ChatGPT during real-time monitoring.
• Risk-based alerting and prevention
  • Enable risk thresholds to be set for monitoring rules
  • Enable risk scoring of user interaction with ChatGPT
  • Develop a mechanism to fine-tune alerting/prevention based on interaction risk scores and respective risk thresholds set for rules identified.
• Admin control and fine-tuning:
  • Provide human administrators with the ability to review and approve monitoring rules.
  • Allow administrators to fine-tune alerting and prevention rules based on risk thresholds for rules and specific organizational needs.

Sample Risk Indicators

• Risky user behavior includes, but is not limited to, the following:
  • Querying for personal or copyrighted information.
  • Expressing violent or self-harming intentions.
    
  • Indications of insider trading, recruitment activities, malware development, or data manipulation/deletion.
• Risky AI responses include, but are not limited to, the following:
  • Providing copyrighted or personal information
  • Generating data relevant to insider trading or hallucinations
  • Injecting prompts that could lead to malicious activities

Tech Stack

• Will consider all solutions but preference towards MS Azure based solutions

Resources

1. http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679
2. https://gdpr-info.eu/
3. https://www.epsu.org/sites/default/files/article/files/GDPR_FINAL_EPSU.pdf
4. Artificial intelligence act (europa.eu)
5. A pro-innovation approach to AI regulation - GOV.UK (www.gov.uk)
6. https://www.europarl.europa.eu/pdfs/news/expert/2023/6/story/20230601STO93804/20230601STO93804_en.pdf
7. SGModelAIGovFramework2.pdf (pdpc.gov.sg)