Ask a security trainer: Time to update your newsroom AI safety policies?

Welcome to “Ask a security trainer,” the column where the digital security training team at Freedom of the Press Foundation (FPF) answers your burning questions at the intersection of journalism and security. Submit yours here! Let’s jump right into this week’s question.

Dear DST,

I’m sure you’ve been hearing no shortage of stories about how organizations are using artificial intelligence. Sometimes employees are doing so without their employer’s knowledge. We’re just now thinking through how we will need to update our security policies to account for what’s allowed and what’s not allowed with AI. Is this something you’ve run into?

Signed,

Proto Protocol

Hi Proto,

We have been getting a lot of questions from journalists about acceptable use policies when it comes to AI safety in the newsroom. I am speaking about AI safety specifically, versus AI strategy more broadly, which may include a variety of other issues, such as whether and how to use AI in your publications. That’s a separate column. Meanwhile, there are sometimes considerable safety risks with some of these tools (e.g., maybe don’t allow your agent to nuke your live production environment and backups), so the best time to have that policy discussion is now.

But this is trickier than it sounds. AI tools are not always dedicated stand-alone apps like ChatGPT or Otter.ai. They may be bundled into existing tools you already use, such as Gemini in Google products. Likewise, you may also choose to use “agents” that can perform actions autonomously on your behalf, such as those built into your browser or into tools like OpenClaw, which you can give permission to access and control your operating system.

We really need to be clear on what categories of tools we’re talking about. It’s a virtual menagerie of technologies that could be affected by these policies, so you should take stock of where they are in use across your organization to account for the categories that apply to you.

Because of the variety of possible use cases, and the way tools change all the time, an acceptable use policy needs to describe what information shouldn’t be fed into entire categories of AI services. If some types of information are allowed to be ingested into an AI tool, you may have guidelines about how to do that most safely. Similarly, if there are exceptions, make sure they are spelled out. And clarify, perhaps in your employee handbook, what resources are available to employees for using these tools.

Unless you self-host and run a model locally on your computer, you’re probably connecting to a cloud service that may retain data about what you upload. Think about and write down what kinds of information should not be shared outside of your organization.

Every newsroom is different, but common types of risky data may include confidential employee information (e.g., home addresses, phone numbers), client information (e.g., a contractor’s tax-related documents), internal credentials (e.g., passwords, API keys), and information about sources (e.g., audio and transcriptions). Perhaps you already have a confidentiality policy in place. If not, this is an opportunity to clarify with your team what this means.

For categories of tools that are acceptable, you may still need to have guardrails about how to use certain tools more safely. These may include exceptions to your usual guidance. For example, you may choose to prohibit confidential documents from being processed in the cloud, but make an exception for processing locally on your own device (e.g., using LM Studio or GPT4All). Likewise, maybe confidential interviews cannot be processed with online tools like Otter.ai, but they could be processed on your own computer using OpenAI’s Whisper models.

Finally, what are the internal resources you have to offer to ensure everyone has the support they need to fulfill their end of the agreement? Will they have any technical support, training, or funding? This will help employees determine how to troubleshoot any issues they may run into if they do use these tools, and to use them in the appropriate ways.

This rabbit hole is deep, and there’s much more to say here. If this is something that your newsroom needs support developing, reach out. A real, live human will respond to you with emails we nearly always write ourselves, the old-fashioned way.

Best,
Martin Shelton