DPAI-08

Do you provide choice to the user to opt out of AI use?

Explanation

This question is asking whether your organization gives users the ability to decline or opt out of artificial intelligence (AI) features or processing within your product or service. Why this matters in security assessments: 1. User autonomy and consent: Organizations are increasingly expected to provide transparency and choice regarding AI use, especially when AI might process personal data or make decisions affecting users. 2. Regulatory compliance: Various privacy regulations (like GDPR in Europe) require giving users control over how their data is processed, including by automated systems like AI. 3. Ethical AI practices: Providing opt-out options demonstrates commitment to ethical AI use and respects user preferences. 4. Risk mitigation: Some users may have specific concerns about AI processing their data, and providing opt-out mechanisms helps address these concerns. The question is evaluating whether your organization has mechanisms in place that allow users to decline AI-powered features while still using your core services. This could include options to disable AI-driven recommendations, automated decision-making, or other AI functionalities.

Example Responses

Example Response 1

Yes, our platform provides users with granular control over AI usage In the user settings panel, we have a dedicated 'AI Preferences' section where users can toggle off all AI-powered features or selectively disable specific AI functionalities (such as predictive text, content recommendations, or automated data analysis) Users who opt out of AI features can still access all core functionalities of our platform, though some convenience features may be limited We clearly communicate which features use AI technology in our user interface and documentation, and these preferences can be changed at any time.

Example Response 2

Yes, we provide opt-out options for AI use through multiple channels During the initial onboarding process, users are presented with clear information about our AI-powered features and given the choice to enable or disable them Additionally, users can modify these preferences at any time through their account settings When users opt out, we ensure their data is not used to train our AI models and that they receive non-AI alternatives for relevant features We maintain documentation of user preferences and honor these choices across all our services and platforms.

Example Response 3

No, our current platform does not provide users with the ability to opt out of AI features Our AI capabilities are deeply integrated into our core service offering and cannot be disabled without compromising essential functionality However, we understand the importance of user choice and transparency, so we clearly disclose our use of AI in our privacy policy and terms of service We're currently developing a more modular architecture that will allow for selective AI opt-outs in future releases, planned for Q3 of next year In the meantime, we focus on ensuring our AI systems are designed with privacy and security as fundamental principles.

Context

Tab
Privacy
Category
Privacy and AI

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Signature
Neil Cameron
Founder, ResponseHub
Neil Cameron