Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

BigID: Privacy by Design for Generative AI Systems

BigID
06/19/2026
0 (0%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


that we knew exactly what a system would do. But with generative AI, we need privacy by design for systems that learn, adapt, and occasionally surprise us. I was trying to schedule some meetings using Copilot a few weeks ago, and it asked me whether I should schedule them before or after my vacation, which I didn't even tell it about as part of the prompt. So I think that kind of emergent behavior, and as you said, Dan, kind of non-deterministic, it's really important for us when we're thinking about how do we do privacy by design, we're really designing for the behaviors that the system may have, not just the baseline data flows. And it's really that shift from point-in-time controls to continuous oversight. Because I think we need to treat both the training data and the model behavior as different important threat surfaces, really. And when we're thinking about how do we build those privacy by design considerations, we need to be moving more from kind of, here's a very specific specification, to more here are the guardrails that we want to kind of shape that behavior within. So I think for me, privacy by design can't be a blueprint that we do once and then it's done. It has to be the rules of the city that the building needs to live in. So really kind of applying things in a different way to allow for more of that adaptive behavior.

TL;DR

  • Traditional privacy by design assumes predictable system behavior, but generative AI systems learn, adapt, and exhibit non-deterministic behaviors that require fundamentally different privacy frameworks.
  • Organizations must treat training data and model behavior as separate threat surfaces, each requiring distinct privacy controls and continuous monitoring rather than one-time assessments.
  • Privacy by design for AI should focus on establishing adaptive guardrails that shape behavior within boundaries, rather than rigid specifications that assume deterministic outcomes.

Summary

Aaron Weller, Leader of Privacy Innovation and Assurance at HP, explains why traditional privacy by design frameworks are insufficient for generative AI systems. Unlike conventional software with predictable behavior, generative AI introduces non-deterministic risks through both training data and emergent model behavior. Weller illustrates this with a real-world example of Microsoft Copilot surfacing vacation information that was never explicitly provided in a prompt, demonstrating how AI systems can exhibit unexpected behaviors. He argues that privacy controls must shift from static, point-in-time specifications to continuous oversight with adaptive guardrails. Rather than treating privacy by design as a one-time blueprint, organizations must establish ongoing governance frameworks that shape AI behavior within defined boundaries while accommodating the adaptive nature of these systems. This approach treats training data and model behavior as distinct threat surfaces requiring separate privacy considerations.

Chapters

0:00 - Traditional Privacy Frameworks Inadequate
0:10 - Real-World AI Behavior Example
0:35 - Continuous Oversight vs Point-in-Time
1:01 - Guardrails Over Blueprints

Key Quotes

0:03 "But with generative AI, we need privacy by design for systems that learn, adapt, and occasionally surprise us."
0:41 "I think we need to treat both the training data and the model behavior as different important threat surfaces, really."
1:01 "So I think for me, privacy by design can't be a blueprint that we do once and then it's done. It has to be the rules of the city that the building needs to live in."

FAQ

Why don't traditional privacy by design frameworks work for generative AI?

Traditional frameworks assume deterministic, predictable system behavior. Generative AI systems learn, adapt, and can exhibit emergent behaviors that weren't explicitly programmed, requiring continuous oversight rather than static controls.


Categories:
  • » Webinar Library » BigID
  • » Cybersecurity » Data Security
  • » Data Protection
Channels:
News:
Events:
Tags:
  • AI & Machine Learning
  • Data Privacy
  • Compliance & Governance
  • Technical Deep Dive
  • Webinar
  • Privacy by Design
  • Generative AI Governance
  • AI Risk Management
  • Non-Deterministic Systems
  • Continuous Monitoring
  • Training Data Privacy
  • Model Behavior Oversight
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: BigID: Privacy by Design for Generative AI Systems

              Upcoming Webinar Calendar

              • 06/23/2026
                01:00 PM
                06/23/2026
                The AI-Powered VMware Alternative
                https://www.truthinit.com/index.php/channel/2009/the-ai-powered-vmware-alternative/
              • 06/24/2026
                11:00 AM
                06/24/2026
                LATAM: Accelerating Insights on AI Through an Engaging Webinar Series
                https://www.truthinit.com/index.php/channel/2012/accelerating-insights-on-ai-through-an-engaging-webinar-series/
              • 06/25/2026
                01:00 PM
                06/25/2026
                Generative AI Security: Preventing AI from Becoming a Data Breach Multiplier
                https://www.truthinit.com/index.php/channel/1998/generative-ai-security-preventing-ai-from-becoming-a-data-breach-multiplier/
              • 06/30/2026
                01:00 PM
                06/30/2026
                Mastering Active Directory Certificate Services for Long-Term Success
                https://www.truthinit.com/index.php/channel/2018/mastering-active-directory-certificate-services-for-long-term-success/
              • 07/01/2026
                04:00 AM
                07/01/2026
                Integrating Security in AI: Automated Red Teaming Strategies for Private Models
                https://www.truthinit.com/index.php/channel/1969/integrating-security-in-ai-automated-red-teaming-strategies-for-private-models/
              • 07/01/2026
                04:00 AM
                07/01/2026
                Schutz von KI in Anwendungen, Agenten und APIs.
                https://www.truthinit.com/index.php/channel/2008/schutz-von-ki-in-anwendungen-agenten-und-apis/
              • 07/01/2026
                01:00 PM
                07/01/2026
                How to Prevent Your AI from Taking Control of You
                https://www.truthinit.com/index.php/channel/2021/how-to-prevent-your-ai-from-taking-control-of-you/
              • 07/02/2026
                10:00 AM
                07/02/2026
                When the cloud goes dark: Resilience lessons from hybrid threats
                https://www.truthinit.com/index.php/channel/2011/resilience-insights-from-hybrid-threats-when-the-cloud-faces-challenges/
              • 07/07/2026
                01:00 PM
                07/07/2026
                A Comprehensive Demonstration of DLP Solutions and Strategies
                https://www.truthinit.com/index.php/channel/2030/a-comprehensive-demonstration-of-dlp-solutions-and-strategies/
              • 07/09/2026
                01:00 PM
                07/09/2026
                Agentic Trust in Practice: Enhancing the Human Experience
                https://www.truthinit.com/index.php/channel/2026/agentic-trust-in-practice-enhancing-the-human-experience/
              • 07/14/2026
                11:00 AM
                07/14/2026
                Discover the Latest Innovations in Netwrix 1Secure During This Technical Session
                https://www.truthinit.com/index.php/channel/2014/discover-the-latest-innovations-in-netwrix-1secure-during-this-technical-session/
              • 07/21/2026
                04:00 AM
                07/21/2026
                Strategies for Managing AI Governance and Securing App-to-LLM API Traffic
                https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
              • 07/21/2026
                01:00 PM
                07/21/2026
                HUMAN Dialogue: Insights from Attackers Revealed at the FIFA World Cup
                https://www.truthinit.com/index.php/channel/2029/human-dialogue-insights-from-attackers-revealed-at-the-fifa-world-cup/
              • 07/22/2026
                06:30 AM
                07/22/2026
                Understanding the Dynamics of Data Privacy and Protection Regulations
                https://www.truthinit.com/index.php/channel/2000/understanding-the-dynamics-of-data-privacy-and-protection-regulations/
              • 07/28/2026
                01:00 PM
                07/28/2026
                Illumio: Zero Trust in the Age of AI Autonomy
                https://www.truthinit.com/index.php/channel/2031/illumio-zero-trust-in-the-age-of-ai-autonomy/
              • 07/29/2026
                04:00 AM
                07/29/2026
                Real-Time Strategies for Safeguarding Against Prompt Injections
                https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
              • 09/30/2026
                04:00 AM
                09/30/2026
                AI Command Center: Optimizing Visibility and Control in Your Operations
                https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/

              Upcoming Events

              • Jun
                23

                The AI-Powered VMware Alternative

                06/23/202601:00 PM ET
                • Jun
                  24

                  LATAM: Accelerating Insights on AI Through an Engaging Webinar Series

                  06/24/202611:00 AM ET
                  • Jun
                    25

                    Generative AI Security: Preventing AI from Becoming a Data Breach Multiplier

                    06/25/202601:00 PM ET
                    • Jun
                      30

                      Mastering Active Directory Certificate Services for Long-Term Success

                      06/30/202601:00 PM ET
                      • Jul
                        01

                        Schutz von KI in Anwendungen, Agenten und APIs.

                        07/01/202604:00 AM ET
                        More events
                        Truth in IT
                        • Sponsor
                        • About Us
                        • Terms of Service
                        • Privacy Policy
                        • Contact Us
                        • Preference Management
                        Desktop version
                        Standard version