Technology Overview

The AI technology stack for commerce — foundational models, agentic AI, LLMs, privacy & security, investment costs, and what comes next — based on Book Part 5 of the AI Best Practices for Commerce reference.

Section 5 of 863% complete

Privacy & Security

Foundational principles for responsible AI systems

Privacy-Enhancing and Security-Enhancing Techniques

Technical strategies for protecting data in AI environments have expanded significantly in recent years. Differential privacy provides rigorous mathematical guarantees that limit the influence of individual data points on a model’s output. By injecting controlled noise into training or aggregating updates, differential privacy ensures that attackers cannot easily determine whether a particular record was included in the dataset. While this can reduce performance, especially in models trained on small datasets, it offers a powerful safeguard in sensitive applications.

Federated learning reduces exposure by decentralizing the training process. Instead of aggregating all data into a central server, federated learning distributes model training across devices or institutional silos. Each participant trains a local model and submits updates to a central aggregator. However, federated learning introduces its own challenges: Model updates may leak information, participants may behave maliciously, and communication overhead can be significant. These challenges are often addressed through secure aggregation, differential privacy overlays, and careful orchestration of model versioning.

Secure multiparty computation and homomorphic encryption extend privacy protection by enabling operations on encrypted data or by distributing computation across multiple parties who never reveal their private inputs. These techniques are increasingly explored in domains where data cannot be shared directly, such as healthcare, finance, and inter-organizational collaboration. Although computationally intensive, these methods provide strong guarantees that reduce the risks associated with centralized data processing.

Trusted execution environments (TEEs) offer protection at the hardware level by isolating sensitive computations in secure enclaves. This allows models to process sensitive inputs without exposing them to the broader system or cloud infrastructure. When combined with on-device inference, TEEs reduce the flow of sensitive information across networks and minimize attack surfaces.

Synthetic data provides an alternative for development and testing. By generating artificial datasets that preserve statistical structure but eliminate direct links to real individuals, organizations can accelerate experimentation without relying on sensitive information. However, synthetic data must be validated carefully to ensure that it does not inadvertently replicate specific individuals or encode undesirable biases. Evaluating synthetic data quality remains an evolving discipline, and organizations must remain vigilant when adopting synthetic methods.

Building an AI Security Culture
  • Clear ownership: each AI system needs designated stakeholders across data, behavior, security, compliance
  • Address shadow AI: provide approved tools and explain risks of unsanctioned AI platforms
  • AI limitations training: employees must recognize hallucinations, reflect biases, and critically evaluate outputs
  • Incident response playbooks: AI-specific scenarios for leaks, hallucinations, adversarial attacks
  • Biometric data: irreversible identifiers (facial images, fingerprints) require minimized retention and explicit consent
🌐
Source: AI Best Practices for Commerce, Section 5.5
Share

Last updated: March 12, 2026