Pythian Blog: Technical Track

Architecting and Building Production-Grade GenAI Systems - Part 3: Ethical Considerations and Compliance

If you haven't read Part 2, please click here to get started.

Ethical Considerations and Compliance

7. Ethical Considerations

Ethical AI use is paramount. Develop content moderation and filtering to prevent the generation of harmful or inappropriate content. Always consider the ethical implications of AI applications.

You do not want to underestimate the importance of content moderation, which can lead to content-related issues and reputation damage. Don't compromise on ethical safeguards even in the scenario of an enterprise application that will not be open to the public.

For our particular solution, we can immediately take advantage of Azure OpenAI’s service built-in content filtering that will analyze and filter harmful content. That is a configuration on the service side so no change is required for the level of granularity that we are displaying in our architecture.

8. Data Privacy and Security

Ensure data is encrypted at rest and in transit. In our case all the services will be communicating through the private endpoints and using TLS so encryption at transit is happening. 

The services storing data in long term storage in our architecture are Azure Storage and Cognitive Search. Both of these services offer encryption at rest with either service managed or customer managed keys. It will be up to the customer to decide whether they want to roll their own keys but regardless of the choice, the capability is there. So once again, there is no need to modify our architecture.

If we are bringing in any PII in the data then we could take advantage of ADF to run a cleanup process to remove any fields that are sensitive and anonymize or mask the PII fields.

9. Legal and Compliance

Comply with intellectual property rights, copyright laws, and licensing agreements, especially when handling user-generated content. Comply with data protection regulations (e.g., GDPR) and obtain user consent when necessary. This is not necessarily a task that will be part of the application architecture but nevertheless it is a task that has to happen for a production-grade application. Consult your legal team on any requirements before rolling out your Generative AI solution.

Now that we have a better sense of ethical considerations and compliance, let's dive into running operations.

No Comments Yet

Let us know what you think

Subscribe by email