Privacy and Data Security in Generative AI Assessments
摘要
Research in many areas including education, health and cybersecurity are witnessing the rapid ascent of Generative Artificial Intelligence (GenAI) and new data-driven assessment systems. Assessment models that utilize powerful Generative AI models, such as Generative Adversarial Networks (GANs) and large language transformers, generate synthetic content and behaviors based on simulated user inputs, automate complex assessments and make using personal data faster, easier, and less expensive. Nonetheless, there are serious concerns with GenAI for training and deploying with sensitive personal and institutional data due to privacy and data security issues. GenAI systems significantly differ from traditional models based in part on the differences in privacy risk. GenAI may work by recognizing the critical features of training data. Many generative models are black-box technologies, which also limit access to interpretability and transparency of the models and can make regulatory and reporting compliance more complicated when addressing the use of personal information (GDPR, HIPAA and emerging AI governance). This chapter examines the intersection of GenAI assessments and privacy in detail. We outline essential privacy vulnerabilities associated with GenAI assessment. We also describe state-of-the-art privacy preserving approaches in the literature such as differential privacy, federated learning and homomorphic encryption, and profile those approaches for effectiveness in generative assessment, and we propose a hybrid approach to improve privacy while maintaining model usability. With careful examination, case studies and empirical comparisons, the chapter provides actionable recommendations for protecting GenAI tests without stifling their innovative nature.