Episode 47 — Address AI and ML privacy considerations before models ship to production (Domain 4C-5 AI/Machine Learning (ML) Considerations)
This episode explains AI and ML privacy considerations in a way that maps to CDPSE objectives, focusing on what must be decided before a model ever reaches production. You’ll learn how training data sourcing, lawful basis, consent alignment, and purpose limitation apply to model development, and why “we only store embeddings” or “we removed names” is not enough if the underlying data remains personal or sensitive. We’ll cover lifecycle governance for models, including documentation of data provenance, feature selection that avoids unnecessary sensitive signals, retention rules for training artifacts, and access controls for datasets, model weights, and inference endpoints. You’ll work through scenarios like using support transcripts to train models, vendor-hosted AI services, and fine-tuning with customer data, practicing best actions that reduce privacy risk while producing auditable evidence and enforceable controls. Produced by BareMetalCyber.com, where you’ll find more cyber audio courses, books, and information to strengthen your educational path. Also, if you want to stay up to date with the latest news, visit DailyCyber.News for a newsletter you can use, and a daily podcast you can commute with.
