This website uses cookies so that we can provide you with the best user experience. By using this website, you consent to the use of cookies. Learn more about our use of your data by reading our Privacy Policy.

Accept Privacy Policy
Apply Visit Campus Request Info Give
Students, Faculty, and Staff Search Menu

ITS Policies & Procedures

ITS / Policies / AI and LLM Use Policy

Artificial Intelligence and Large Language Models (AI & LLM) Use Policy

Policy #: LFC.ITS.18
Date: 10/24/2024
Author: LFC ITS
Version: 1.0
Status: Approved

OVERVIEW

This policy outlines the acceptable use of Artificial Intelligence (AI) and Large Language Model (LLM) tools at Lake Forest College. As these technologies grow in popularity, it is crucial to understand and mitigate the potential risks they can pose to data privacy, security, and regulatory compliance. While these tools can offer significant benefits across a wide range of applications, users must employ them responsibly and in alignment with existing College policies.

1. PURPOSE

The purpose of this policy is to establish guidelines for the use of Artificial Intelligence (AI) and Large Language Models (LLMs) within the College, with a focus on data privacy, security, and regulatory compliance. This policy’s focus is specifically on addressing the risks associated with uploading data to AI/LLM services, upon which models may be trained or improved, and does not seek to provide academic guidance in the use of these tools in teaching or learning. Users must ensure that they are using AI/LLMs in compliance with all College policies, particularly those governing the protection of sensitive data and academic integrity.

2. SCOPE

This policy applies to all students, faculty, staff, and third-party contractors using AI/LLM tools while engaged in College work or providing products or services to the College. This policy governs the use of any AI/LLM tools when working with College data, regardless of whether the AI/LLM services are free or paid services or whether the user’s sign-in to such a service is a personal or College-provided account, and addresses the responsibilities of users to protect data in compliance with College regulations.

3. AI & LLM Use Guidelines:

3.1 No College-Provided Tools: The College currently does not provide or endorse any specific AI/LLM tools. Users are responsible for adhering to this policy when using AI/LLM services and must be mindful of other College policies related to acceptable use, information security, data governance, and regulatory compliance.

3.2 Applicability to All Services: Whether an AI/LLM service is free or accessed via a paid personal account, users are bound by the provisions of this policy and all related College policies regarding data security, privacy, and intellectual property.

3.3 Prohibited Upload of Copyrighted Material: It is prohibited to upload copyrighted materials or intellectual property that you do not own to any AI/LLM tool. Currently, the legal framework surrounding the use of copyrighted content for AI model training is evolving, and there are ongoing debates about who may authorize that training. Some jurisdictions and copyright holders assert that explicit permission is required to use copyrighted materials for AI training, while others argue that certain uses may fall under "Fair Use" exceptions, though this has not been conclusively determined by courts. Until clearer guidelines are established, users must assume that uploading copyrighted materials to AI/LLM platforms without authorization may violate copyright laws and College policies, potentially resulting in legal and disciplinary consequences.

3.4 Prohibited Upload of Confidential Data: There is often little disclosure about how AI/LLM models currently store and process data, or incorporate trained data into generated content. As a result, AI/LLMs have unexpectedly exposed data to unintended parties. Such an event occurring with College data could pose serious security and compliance risks to the College. As such, users must not upload private, sensitive, or confidential College data to AI/LLM tools, where data may violate regulatory compliance-mandated data retention policies.

3.5 Prohibited Upload of Protected Information (PI): It is a violation of College policy to upload or otherwise provide student or employee Protected Information (PI) to any AI/LLM. This includes, but is not limited to, social security numbers, financial data, academic records, and medical information. For a comprehensive list of the types of PI governed by laws such as the Gramm-Leach-Bliley Act (GLBA), consult the College's Information Security Policy.

4. POLICY VIOLATIONS:

The College may issue a warning, deny access to computing resources, refer for prosecution, or administer other penalties, depending upon the nature of the infraction. Violations will be handled according to normal disciplinary review procedures for students, faculty, or staff as applicable and may result in disciplinary action, up to and including suspension without pay, termination of employment, expulsion from further study, or for third parties, the suspension or revocation of the third party’s relationship with Lake Forest College. Unauthorized use of AI/LLM tools that compromise the College’s data security or compliance with regulatory obligations may also result in legal consequences.

RELATED POLICIES:

Document Control:

Entry#: Date Version Notes
1 10/24/2024 1.0 Submitted to LITS Advisory Committee for review
2 11/21/2024 1.0 Reviewed and approved by LITS Advisory Committee
3 12/05/2024 1.1 Reviewed and approved by the Senior Leadership Team

Information Technology Services