Forum Discussion

Eric_COL's avatar
Eric_COL
New Contributor
8 months ago

GoPilot Terms of Use Question

Hello,

I was directed here from the recent AI webinar that was hosted.  I had this question for the team there.  Maybe someone here can assist:

Regarding zero trust : the cost of AI compute is very high, and one can understand the need to use external vendors and their systems, but the terms seem to explicitly mention that we lose control of our information upon using GoPilot. Can you elaborate on these terms, specifically item two in the below exerpt:

"Although GoTo will endeavor to enable privacy and security controls made available to us by the Third-Party Providers, GoTo has no control over, and is not responsible for: (1) the quality, accuracy, effectiveness, safety, or security of AI-generated output; or (2) a Third-Party Provider’s use of your information after it has been transmitted to them."

Am I interpreting this correctly?  Is this an open loop in terms of information security?  Thank you for your time.

  • GoTo_Chris's avatar
    GoTo_Chris
    GoTo Contributor

    Hi Eric_COL,

     

    I've passed along the question to one of our lead engineers and will let come back as as soon as I get an answer. In the meantime,  I think this blog will give you more insight specific to GoPilot, AI as a Service, and steps we've taken regarding security: https://www.goto.com/blog/using-ai-as-a-service.

     

    Additionally, from a zero trust stand point, the GoTo Resolve zero trust architecture is in place to prevent any unverified actions being taken on or access to your devices. This would be unrelated to information put into GoPilot's conversational interface.  I recently posted this blog which talks about our zero trust and its important role in the remote access space today.

     

    -Chris

     

     

    • Eric_COL's avatar
      Eric_COL
      New Contributor

      Hi Chris,

       

       

      Thank you for the quick and thorough response!  After reading through the blog, there seems to be conflict between the terms of service and the blog, specifically with the terms I quoted in the original post, and then this section in the blog:

       

      "We’ve made certain that the LLMs only have access to the data required to complete the requested task, that the data is not stored outside of our systems or used for training the OpenAI models."

       

      I know there was a breech a few months ago where private information was leaked through ChatGPT prompts, so I'm just trying to make sure we have all our bases covered.  I understand that the API is different than consumer-level OpenAI in terms of privacy, and I'm assuming the GoPilot terms of useoffer a bit more "coverage" than might be strictly necessary, but again, just looking to make sure.

      Thanks again for the response.    Looking forward to the engineers response on this too.  As mentioned in the blog, things are rapidly evolving, so I understand the nature of this whole endeavour being ever changing.

      • GoTo_Chris's avatar
        GoTo_Chris
        GoTo Contributor

        Hi again Eric_COL

         

        Sorry for the delay here. After speaking with our lead engineer, he did confirm our AI terms should be updated as they do not align with how GoPilot data is used or stored by subprocessors , like OpenAI. He confirmed the blog I shared is accurate in the security of data. 

         

        Thank you for flagging the inconsistency with the terms. We're working to update them soon.

         

        Best,

        Chris