Vector Databases: AI Uses, Privacy Risks, and Mitigations | Privacy Engineering & Technology Education Discussion (PETed) Recording

Problem Statement:

Developers are rushing to adopt new AI tools and techniques, and private data for AI systems is shifting out of models and into vector databases. These new databases are immature from a security and privacy perspective, and the attacks against them are numerous and growing by the day. Understanding, controlling, monitoring, and protecting the data in these databases should be a top priority of security and privacy teams.

Synopsis:

A short discussion of what a vector database is, how its popularity is soaring, why organizations are adopting it, and the many risks and misconceptions associated with the new types of data going into them.

Related PETs:

• Homomorphic Encryption
• Data-in-Use Encryption
• Customer-held Encryption Keys

Pre-Discussion Resources:

• Google: Meet AI’s multitool: Vector embeddings 
• OpenAI: Introducing text and code embeddings 
• IBM: What is retrieval-augmented generation? 
• Retrieval Augmented Generation using Azure Machine Learning prompt flow 
• “Embeddings Aren’t Human Readable” And Other Nonsense 
• Text Embeddings Reveal (Almost) As Much As Text 
• “Inverting facial recognition models (Can we teach a neural net to convert face embedding vectors back to images?) 

Speaker:

Patrick Walsh

Patrick Walsh has more than 20 years of experience building security products and enterprise software solutions. Most recently, he ran an Engineering division at Oracle, bringing productivity and insights to the world’s largest companies. Patrick now leads IronCore Labs, a data protection platform that helps businesses get back control of their data so they can meet increasingly stringent data protection and privacy requirements.

Moderator:

Janelle Hsia

Janelle Hsia is the President and Founder of Privacy SWAN Consulting working as a trainer, consultant, and trusted advisor for strategic and tactical decision-making. While she is focused on the field of privacy and data protection, Janelle Hsia is not a lawyer and brings a diverse background with strong leadership, technical, and business skills spanning 20 years in the areas of project management, IT, privacy, security, data governance, and process improvement. Janelle Hsia is also Co-Founder and Vice-President of the Institute of Operational Privacy Design.

The IOPD Privacy Engineering & Technology Education Discussion (PETed) Series is a members-only webinar. Join as an Ambassador to get invited to the recurring monthly event. If you are already a member, but need an invitation please contact admin22@instituteofprivacydesign.org.