News on April 3, according to Korean media reports, Samsung's device solutions (DS) department has only enabled the chatbot ChatGPT for more than 20 days, and there have been three data leakage accidents, resulting in information related to semiconductor equipment measurement, yield/defect, internal meeting content and other related information being uploaded to ChatGPT's server.
This incident immediately attracted the attention and heated discussion of the whole South Korean network. The DS division is in charge of Samsung's core semiconductor businesses such as memory, chip design, and wafer foundry, and has allowed employees to use ChatGPT since March 11 this year. As a result, three employees sent confidential data overseas in order to "save trouble".
OpenAI, an American artificial intelligence (AI) company, is the developer of ChatGPT, but the pot of these three leaks cannot be blamed on OpenAI. In the ChatGPT user guide, OpenAI has made it clear that the text content fed into the ChatGPT chat box will be used to further train the model, warning users not to submit sensitive information.
Samsung has taken emergency measures such as limiting the length of ChatGPT input problems and restricting the use of office computers, preparing protective measures to prevent similar information leakage accidents from happening again, and is considering building its own artificial intelligence service. At present, a number of overseas companies have taken measures to prevent or restrict employees from using ChatGPT.
1. 3 employees enter Samsung confidential data into ChatGPT
OpenAI, a U.S. startup, takes what users feed in ChatGPT and uses that data to further train the model. If the content of the user's question involves corporate secrets, the relevant content will be widely leaked. OpenAI also tells "don't enter sensitive content" in the ChatGPT user guide.
Samsung Electronics is concerned that information leakage such as internal corporate secrets may occur in the internal use of ChatGPT, and has been preventing the use of ChatGPT within the enterprise. But starting March 11, the DS department allowed the use of ChatGPT. Samsung's Device Experience Division (DX Division), which is responsible for video displays, home appliances, mobile communications, and medical devices, is currently banning the use of ChatGPT.
The reason why the DS department was allowed to use ChatGPT was that the head of the department felt that it was necessary for employees to recognize the changes that have taken place in contemporary technology. Samsung simply allowed the use of ChatGPT and issued an announcement to employees: "Pay attention to the security of internal information and do not enter private content." ”
Less than 20 days after the DS department implemented this operating policy, a worrying "internal information leak" accident occurred. Samsung Electronics has two "device information leakage accidents" and one "meeting content leakage accident." After learning the relevant facts, Samsung implemented "emergency measures" matters, including limiting the upload capacity of each issue to 1024 bytes. Samsung plans to investigate the history of the corporate information leakage and punish the employees concerned if necessary.
▲ChatGPT (Source: Yonhap News Agency)
An error occurred when employee A of Samsung Electronics' DS department was running the source code of the semiconductor equipment measurement database (DB) download program. So he copied all the problematic source code, typed it into ChatGPT, and asked for a solution.
Employee B enters ChatGPT for the entire relevant sources of program code written for "Device Measurement" and "Yield and Defects" and asks him to optimize the code.
Employee C converts the meeting content recorded with his smartphone into a document file through the NAVER Clova app and enters it into ChatGPT for the purpose of requesting the creation of meeting minutes.
Samsung Electronics informed employees of the above situation and reminded employees to use ChatGPT with caution. Samsung warned through an internal announcement: "The moment content is entered in ChatGPT, the data is sent to an external server and stored, and the company cannot take it back." If ChatGPT learns relevant content, sensitive content may be made available to an unspecified majority. ”
Samsung Electronics improves its understanding of generative AI and restricts the use of ChatGPT
Samsung Electronics is working on a plan to prevent the recurrence of information leakage accidents through ChatGPT. The company informed employees: "If a similar incident continues to occur after taking emergency measures for information protection, the company's intranet may block the ChatGPT connection." ”
A Samsung Electronics related person told a reporter who asked about the information leak: "Because it is an internal situation of the company, it is difficult to confirm. ”
▲South Korea's Samsung Electronics Corporation (Source: Yonhap News Agency)
Samsung Electronics believes that generative AI may change the semiconductor ecosystem and urges management to take countermeasures. On the 22nd of last month, an online seminar was held for all executives under the theme of "ChatGPT Launch, Generative AI Creates the Future". Han Jong-hee, vice chairman of Samsung Electronics, has emphasized the importance of ChatGPT and the need to improve understanding of generative AI.
In order to prevent the leakage of the company's main secrets and personal information in the future, the DX department conducts a questionnaire survey of the company's employees regarding the use of ChatGPT. The questionnaire included not only asking if you had experience using ChatGPT, but also asking about your views on the use of ChatGPT within the company.
Based on the results of the questionnaire, Samsung Electronics plans to establish internal regulations such as upload capacity limits or business PC (personal computer) usage limits, and share them with employees.
Samsung's Electronic Device Solutions Division (DS Division) posted a reminder on a recent bulletin board alerting to the misuse of ChatGPT. Each team leader also trained the team members on the available range of ChatGPT.
Third, major companies restrict the use of ChatGPT and formulate guidelines for the use of ChatGPT
Most of the semiconductor business is a state secret, and if you are not careful, you will upload internal information such as reports and leak secrets. In order to prevent information leakage through ChatGPT, POSCO, a global steel manufacturing plant giant, is preparing to use ChatGPT to guide employees through an internal intranet (corporate intranet). POSCO introduced ChatGPT functionality in its internal collaboration platform "Teams" to use ChatGPT only within internal systems, thereby enhancing both security and productivity.
According to a survey of 62 corporate HR leaders conducted by market research firm Gartner, 48% of them said they are developing guidelines for using AI chatbot businesses such as ChatGPT.
South Korea's SK Hynix, the world's second-largest memory chip giant, has banned ChatGPT from its intranet except when necessary.
LG Display, a leading Korean LCD panel company, emphasizes information security awareness such as internal information protection and leakage prevention at all times through internal company posts, education, events, etc. More and more companies overseas are restricting the use of ChatGPT for fear of leakage of confidential information. Companies are concerned that if information is entered into ChatGPT, AI may learn and leak it to the outside world.
Recently, US banks such as JP Morgan, Bank of America, Citigroup, Goldman Sachs, and Deutsche Bank have restricted the use of AI chatbots such as ChatGPT.
Japan's SoftBank Group recently informed all employees of precautions such as prohibiting the entry of confidential information in ChatGPT, and the group also plans to establish rules for which businesses or uses can use interactive AI, according to media reports such as the Nikkei Shimbun.
In Japan, Mizuho Financial Group, Bank of Mitsubishi UFJ, and Sumitomo Mitsui Banking Corporation have banned the use of interactive AI such as ChatGPT for business. In addition, Panasonic Connect, a subsidiary of Panasonic Holdings, allowed the use of interactive AI only after formulating information leakage countermeasures. Fujitsu has set up an "AI Ethics Management Room" to remind users to pay attention when using interactive AI.
A South Korean business official said that ChatGPT has always been a hot topic, and now everyone is trying to use and learn, and companies also need to be more vigilant about information leakage and other issues.
Conclusion: Samsung Electronics' corporate secrets were leaked, and protective measures for the use of ChatGPT were formulated
Shortly after Samsung Electronics approved the internal use of ChatGPT, the company's internal program content related to semiconductor "device measurement" and "yield and defects" was transmitted to the United States. ChatGPT has a high chance of leaking information on the chat interface and input, and there is no security guarantee about this. Companies realized this and immediately began to build a complete ChatGPT instruction manual to remind employees to use the software with caution.
ChatGPT is like a double-edged sword, while proposing various solutions to problems, it also exposes the questioner to the risk of input information being leaked. In order to use this software safely and effectively, it is also necessary to be cautious and do not enter any questions about confidential information of the company until there is a sound information protection system.
Source: Yonhap News Agency, South Korea's The Economist
![Folding screen: mobile phone manufacturers' "medicine for life"[fig]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)