|
Article 53
|
(Generative AI)
- An organization shall not totally trust the information generated by generative AI and shall instead perform objective assessments and management and control of the risks in the information, and shall not directly use the generated contents that have not been validated as the sole basis of decision making.
- Without a proper management and control system in place at the organization, no staff may provide information that should be kept in confidentiality, or disclosure of which is not consented by an individual or the organization to generative AI, nor shall they ask questions that may involve confidential business or personal data to generative AI. Notwithstanding, in the case of closed generative AI deployed on site, after security of the system environment is verified, certain confidential information, where appropriate, can be provided.
- When using the generative AI system developed by third-party provider, if an organization cannot have control over the training process or ensure the results from its data or computation meet the principle of equality, the organization shall have its staff to perform objective and professional management and control for risks in the information generated by the system.
- When introducing a generative AI system, an organization shall have an emphasis on whether equality and people-oriented value assessment would create bias or discrimination against certain groups of people, and reduce the possibility of inequality.
|