Understanding the Benefits and the Risks
AI is transforming the ways that we work. Using tools like ChatGPT, Copilot, Google Gemini, and NotebookLM are now becoming a daily part of many workflows on campus. As AI usage increases, it’s imperative we understand how to use these tools safely.
Artificial intelligence can improve one's research, coding, and analysis. However, the same technology also enhances the abilities of cybercriminals. With access to large language models, attackers can quickly generate highly personalized phishing emails or scams that are harder to detect.
Another key concern with many AI tools is data leakage, which is the unintentional exposure of private or sensitive information. Some AI applications may store, share, or reuse whatever users input. A simple prompt could accidentally send confidential data into models that are not designed to protect it.
UCSB’s Approved AI Tools
All UCSB non-student employees now have access to the Google Gemini Web App and NotebookLM through campus-issued Google accounts. These tools allow users to generate content, summarize documents, and improve researching efforts.
Through the UC licensing agreement, UCSB users have:
- Access to Google’s latest models and features
- Data protection under UC privacy policies
- No use of campus data to train Google’s AI models
- No human reviewers accessing conversations
To learn more about this agreement, click here.
Using Non-Approved AI Tools?
When you use tools other than Google Gemini Web App and NotebookLM, like OpenAI’s ChatGTP, you may lose control over how your information is stored or used. Many public AI services use your data to train future models or share it with third parties.
For best practices on safe AI use:
- Do not share personal details (home address, phone number, SSN, ID numbers).
- Avoid inputting sensitive or proprietary data into public AI tools.
- Check the privacy and data policies of any AI platform you use.
- Be cautious with original or unpublished work because it is once shared, it may not remain private.
Privacy Rights and Legal Context
Unlike the European Union, the United States does not have a single comprehensive data privacy law. However, California residents are protected under the California Consumer Privacy Act (CCPA), which ensures:
- The right to know what personal data is collected and how it is used
- The right to delete personal information (with some exceptions)
- The right to opt out of the sale or sharing of personal data
Further amendments have been approved which will take effect January 1, 2026, covering additional topics such as automated decision-making technology (ADMT), risk assessments, and cybersecurity audits. To learn more about these changes, check out Navigating New California Consumer Data Rights.
AI tools can be powerful in research, teaching, and even administrative work at UCSB, but it is crucial to continue to use best security practices in order to ensure you are protecting your own privacy and the privacy of our campus. By choosing approved tools, protecting sensitive data, and staying aware of privacy responsibilities, we can embrace technology while ensuring the safety of our community and information.