Effective: 10/28/2024
Senate Proposal: No
Responsible University Officer: Chief Information Security Officer
Responsible Office: Information Technology
Introduction
Like other technological developments, generative artificial intelligence (“AI”) can be used to significant positive benefit but can also be misused with significant negative consequences.
To ensure responsible use of tools that are frequently evolving and to protect the reputation, intellectual property, equity, and privacy of Michigan Technological University (“MTU”, “University”) and its students, employees, volunteers and other affiliates, this policy provides high level considerations and guidance for University affiliates intending to make use of AI tools in their university-affiliated capacity.
This policy consists of five overarching considerations, along with context for each. Where possible, exception handling information is also provided. Administrative units of MTU may devise their own AI-related policies and procedures consistent with this policy and other applicable university policies, protocols, and procedures, as set forth in University Policy 1.01
Process
Consideration I – Submission
Avoid submitting MTU data classified as tier 1 (confidential or restricted)[1] with AI tools.
Context: Generally, there is no expectation of privacy when using AI tools, as the data inputted to the tool may be used for training or other purposes and could potentially be shared as output to a subsequent request by an unaffiliated entity. As such, only publicly available or non-sensitive data should be shared with AI tools.
Where a contract or other legal agreement provides explicit protections to MTU data, tier 1 data may be permissible to be used with an AI tool, but only with the written consent of the Chief Information Officer, Chief Information Security Officer, or General Counsel.
MTU’s data classification schedule [1] provides relevant details on data types, regulatory and contractual considerations, and examples of covered data. Note that just because data is not obviously labeled with a classification does not mean it is not classified. The data owner is responsible for data classification.
Consideration II - Consent
Obtain the consent of data owners before sharing any data with AI tools. Inform participants if AI tools will be used in meetings or other shared engagements. Participants must have the ability to opt-out of such use.
Context: Because shared data may be permanently stored, modified, or reused by the AI tool without warning, credit, or limitation on use, it is critical that any usage of non-public data with an AI tool have the consent of the data owner prior to use. If the data owner cannot be identified, the data cannot be used with any AI tools. Note that even publicly available data may be protected by copyright and/or may have limitations on use.
Consideration III – Review
Review the output of AI tools prior to use or publication to ensure accuracy and relevance.
Context: Research has shown that AI tools may exhibit bias based on the data used for training and that such bias may be incorporated into their output. Additionally, there are numerous publicized instances of false information provided by AI tools being used in professional settings that exposed the submitter to potential adverse legal, reputational, or other actions. MTU affiliates must evaluate the output of any AI tool to ensure that it is accurate, relevant, and does not infringe on copyright or violate any laws or ethical norms based on its intended use.
Consideration IV - Compliance
Ensure compliance with applicable laws, university policies, and relevant terms of use or license agreements provided by AI tools or the data being supplied to the tools.
Context: Although this policy attempts to provide reasonable guidance on the use of AI tools, it cannot address all potential use cases. As such, it is critical that anyone intending to utilize AI tools identify and understand all relevant laws, policies, contract terms, and other such requirements both before leveraging AI tools and before utilizing any output from such tools. For example, data use agreements may stipulate additional restrictions on data that might otherwise not be subject to regulatory or statutory protection. Publicly accessible data may be subject to a license agreement that governs its use.
Consideration V - Disclosure
Disclose use of AI tools as required by the entity receiving the AI-facilitated content, but in all cases where such use represents a significant component of the final product or deliverable (for the avoidance of doubt, this means more than 25% of the final product/deliverable).
Context: Academic integrity and professional ethics require honesty and transparency in their respective environments. This extends to bodies of work developed by students, employees, volunteers, and other MTU affiliates for or on behalf of MTU. Failure to disclose the use of AI tools in the development of any deliverable could lead to allegations of plagiarism or academic or professional misconduct and could adversely impact individual or organizational reputation and result in limitations on applying for grants or contracts, on participation in internal or external committees and groups, or other adverse actions. MTU affiliates are encouraged to disclose any use of AI tools, and are required to do so if the use represents a significant component of the final product or deliverable.
Definitions
Affiliate: any individual or group officially attached to the university, such as a contractor, an organization with whom the university has another applicable agreement, or a consultant.
Generative artificial intelligence: For purposes of this policy, generative artificial intelligence refers to artificial intelligence tools that have been trained with datasets and which can create new and original content (audio, video, pictures, text, etc.) using those datasets when prompted by the user of the tool.
Related Information
[1] - https://www.mtu.edu/it/security/policies-procedures-guidelines/data-classification-protection-standards.pdf
Adoption Date
10/28/2024 Approved by University President