Women in Electronics’ AI Tool Usage Policy

6.18.24 – v.1

Introduction

Artificial Intelligence (AI) tools are transforming the way we work. They have the potential to automate tasks, improve decision-making, and provide valuable insights into our operations.

However, the use of AI tools also presents new challenges in terms of information security and data protection. This policy is a guide for our employees, contractors, stakeholders, board members, directors, mentorship team, chapter teams, and volunteers (collectively, “WE Team Members”) on how to be safe and secure when using AI tools, especially when it involves the sharing of potentially sensitive company information.

Purpose

The purpose of this policy is to ensure that all who are authorized to conduct business on behalf of Women in Electronics/WE United use AI tools in a secure, responsible and confidential manner. The policy outlines the requirements that employees must follow when using AI tools, including the evaluation of security risks and the protection of confidential data.

With the increasing popularity of generative AI chatbots, as well as the many start-ups deploying industry specific AI technologies, it has become necessary to outline the proper use of such tools while working at and with Women In Electronics (“WE”).    While we remain committed to adopting new technologies to aid our mission when possible, we also understand the risks and limitations of generative AI (and of other forms of AI) and want to ensure responsible use of any AI tool. Our goal is to protect the company and WE Team Members, and stakeholders, from harm.

Policy Statement

As Women in Electronics gains a better understanding of the widespread use of Artificial Intelligence (“AI”) tools and formulates a comprehensive AI strategy, we wanted to provide these initial guidelines regarding the use of these tools to WE Team Members.  The use of AI tools for content creation may raise legal issues, such as data privacy issues, copyright infringement and fair use, and we also need to be careful about what company information is shared with and through AI tools.  On the other hand, we believe AI technology holds vast promise to revolutionize the way we work by increasing efficiencies, and we want to encourage an atmosphere in which we, as a team, can responsibly experiment with ways to innovate our processes.

Our IT department is currently is exploring areas in which AI can make our business processes more efficient and effective.   As of the date of this policy, all uses of AI technology to conduct WE business must first be approved by Women in Electronics, and once approved, any and all search queries using an AI Tool for that purpose must be conducted through WE corporate accounts (and not individual WE Team Members’ accounts).  WE does not authorize the use of AI notetakers on any meeting.  Please see virtual meeting protocols.

Our organization recognizes that the use of AI tools can pose risks to our operations and our Team Members. Therefore, we are committed to protecting the confidentiality, integrity, and availability of all data handled by Women in Electronics, WE Team Members and stakeholders.  This policy requires all of us to use AI tools in a manner consistent with the privacy laws of the State of California and our security best practices.

Security Best Practices

All WE Team Members are expected to adhere to the following security best practices when using AI tools:

a. Evaluation of AI tools:  WE Team Members must evaluate the security of any AI tool before using it, and submit a request for approval to use any AI tool for WE purposes. This includes reviewing the tool's security features, terms of service, and privacy policy. Employees must also check the reputation of the tool developer and any third-party services used by the tool.

b. Protection of confidential data: WE Team Members must not upload or share any data that is confidential, proprietary, or protected by regulation without prior approval from Women in Electronics.  This includes data related to employees, volunteers at any level, and WE strategic partners.

c. Access control: WE Team Members must not access AI tools to conduct Women in Electronics’ business without prior approval from the Executive Team and/or Marketing Team.

d. Use of reputable AI tools: WE Team Members should only request to use reputable AI tools and be cautious when requesting use of tools developed by individuals or companies without established reputations. Any AI tool used by WE Team Members must meet our security and data protection standards.

e. Compliance with security policies: WE Team Members must apply the same security best practices we use for all company data.  This includes using strong passwords, keeping software up-to-date, and following our data retention and disposal policies.

f. Data privacy: WE Team Members must exercise discretion when sharing information publicly. As a first step, employees must ask themselves these questions, "Is this information I’m loading already public information? "Would I be comfortable sharing this information outside of the company, and would WE be okay with this information being leaked publicly?"  “Am I prepared to take accountability for loading this information into this tool?” before uploading or sharing any data into AI tools. Next, step is to follow section b), above.

g. Request for Permission to use AI for Women in Electronics’ business:  In the event you wish to use AI while conducting Women in Electronics’ business, direct your request by email [email protected], and add the words “REQUEST FOR AI TOOL USE”  in the subject line of the email, along with the complete URL of the AI tool you wish to use in the Subject Line in the Email.    In the body of the email,  provide the following information;  1)  The Deliverable or Work Product you wish to create using the proposed AI tool; and, 2) Identify whether the AI tool deletes uploaded source material or retains said material, and provide a link to any AI site’s policy on data handling.  WE will handle requests promptly upon submission, however, it may request additional information from you regarding the nature and purpose of your proposed use of an AI tool before reaching a decision, in the event your written request does not provide enough specificity for WE to determine the attendant risks of use.   WE will document your use of an approved AI tool, once permission to use the tool is granted. 

Review and Revision

This policy will be reviewed and updated on a regular basis to ensure that it remains current and effective.  Any revisions to the policy will be communicated to all WE Team Members.

Conclusion

Our organization is committed to ensuring that the use of AI tools is safe and secure for all employees and customers, as well as the organization itself. We believe that by following the guidelines outlined in this policy, we can maximize the benefits of AI tools while minimizing the potential risks associated with their use.