JLT

Tag: AI Safety

  • AI Governance Frameworks Have an Operational Gap Problem

    Most enterprises now have an AI policy. Many have a Chief AI Officer. Some even have a formal governance document with sections on acceptable use, data classification, and human oversight. What most enterprises do not have is operational control over AI running in production.

    The gap between policy and practice is not a awareness problem. Every board-level stakeholder I have spoken with in the past year knows AI governance matters. The gap is operational. Policies exist. Systems to enforce them at scale do not.

    Where the Disconnect Lives

    The core issue is straightforward: AI adoption is happening faster than governance infrastructure can track. The typical enterprise AI policy was written six to twelve months after employees started using AI tools. By the time the policy codifies what the organization has decided about AI, the organization has already moved.

    This is not unique to AI. Security teams have been dealing with shadow IT for decades. The difference is that AI tools are easier to adopt, harder to detect, and more likely to touch sensitive data than most shadow IT has ever been.

    Consider the practical attack surface that security teams now need to cover:

    • Employee use of personal AI accounts on company devices
    • API keys embedded in code that gets committed to repositories
    • AI tools processing customer data with no data processing agreement
    • Autonomous agents with access to email, calendar, and internal systems

    None of these scenarios appear in most AI governance documents. They do appear in incident reports, which is where the gap becomes visible.

    Why Traditional Controls Do Not Transfer Directly

    Security teams have built muscle around familiar threat models: malware, unauthorized software, data exfiltration through known channels. AI introduces new vectors that do not map neatly onto existing controls.

    Detecting a malicious AI tool is harder than detecting unauthorized software. The tool may be a legitimate application that is being used in an unauthorized way. The data may be going to an approved API endpoint that is not enforcing the organization’s data retention policies.

    Human oversight requirements create their own challenges. Most governance frameworks call for human review of AI outputs in high-stakes scenarios. In practice, this means very little unless the organization has built systematic enforcement rather than relying on individual judgment calls.

    What Operational Governance Actually Requires

    Organizations that are managing this gap effectively have made several operational choices that go beyond policy writing:

    • Data classification comes before AI adoption. You cannot govern what you have not classified. AI tools processing unclassified data are impossible to audit.
    • API key management is an AI governance problem. Personal API keys used in company environments bypass every enterprise control. Technical enforcement of approved key management is operational basics.
    • Human oversight needs workflow integration. Calling for human review in a policy document and enforcing it in the actual workflow are different projects entirely.
    • Agentic AI requires a new governance scope. Autonomous agents that can take actions across systems introduce accountability gaps that traditional AI governance does not address.

    The common thread is that these are engineering and operational problems, not policy problems. The organization that treats AI governance as a compliance exercise will produce documents. The organization that treats it as an operational security challenge will build systems.

    The Gap Will Widen Until the Incentive Structure Changes

    Right now, the teams adopting AI fastest have the least incentive to slow down for governance. The teams responsible for governance have limited visibility into what is being adopted. This is not a failure of either team. It is a structural mismatch that will persist until organizations build feedback loops between adoption and oversight.

    The organizations that figure this out will not be the ones with the most comprehensive policy documents. They will be the ones that close the loop between what employees are actually doing and what the governance team can actually see.

    What is your organization doing to close the operational gap between AI adoption and governance visibility?

  • The Hidden Cost of Free AI: What You’re Actually Paying For

    We live in the golden age of free AI models. Thanks to platforms like OpenRouter, anyone with an internet connection can spin up a session with a model that would’ve cost thousands of dollars in compute just a year ago. No credit card, no API keys (mostly), no commitment. Just type and watch the magic happen.

    But let’s talk about the thing nobody puts in the marketing copy.

    The Bill Always Comes Due

    Here’s the uncomfortable truth about “free” AI: compute isn’t free. Electricity isn’t free. GPU clusters aren’t free. The engineers who fine-tuned those models aren’t working for exposure. Someone is paying the bill.

    When the platform isn’t you, the product is.

    Free tiers on AI platforms typically sustain themselves through a combination of strategies, and it’s worth understanding exactly how your “free” session is being funded:

    Data collection and model improvement. Every prompt you send, every correction you make, every conversation you have is logged, anonymized (we hope), and fed back into the training pipeline. Your real-world questions become the fine-tuning data that makes the next version smarter. You’re not the customer. You’re the labeling workforce.

    Rate limiting and quality routing. Free tiers often get routed to lower-tier inference endpoints. Your requests might hit oversaturated servers, get batched in ways that reduce quality, or be deprioritized when demand spikes. Meanwhile, paying customers get the fast lane. This isn’t malicious — it’s basic economics. But it means your “free” experience is intentionally throttled.

    The upsell funnel. Free access is the best marketing tool in the world. Once you’ve built a workflow around a free model, hitting a rate limit or needing a slightly better model makes the $20/month upgrade feel like a no-brainer. The free tier is a trial that’s genuinely useful — but it’s a trial designed to create dependency.

    The Privacy Tradeoff

    Here’s the part that should give you pause: when you type something into a free AI, where does it go?

    Terms of service for most free-tier services include broad language about data usage. Your conversations might be stored for “service improvement,” “safety monitoring,” or “research purposes.” If you’re pasting code snippets, business logic, or personal information, you’re trading that data for convenience.

    This matters more than you think. A developer pastes proprietary code into a free model to debug a tricky bug. A founder shares their go-to-market strategy with a chatbot for feedback. A student submits their thesis for editing help. All of it becomes part of someone else’s dataset.

    There’s no conspiracy here. It’s the same bargain we’ve been making with free internet services for twenty years: your data for convenience. The difference is that with AI, your data isn’t just your search history — it’s your actual thinking process.

    What You Can Do About It

    This isn’t a “stop using free AI” message. Free AI is democratizing access to powerful technology, and that’s genuinely great. But here’s how to be smart about it:

    • Assume everything you type is logged. Don’t paste code, credentials, trade secrets, or personal information into free-tier models. If it wouldn’t be appropriate on a billboard, don’t type it.
    • Use free models for exploratory work. Brainstorming, learning, casual writing — these are perfect use cases for free tiers. Save paid, privacy-respecting options for anything sensitive.
    • Read the privacy policy. I know, nobody does this. But the difference between “we anonymize and aggregate your data” and “we may use your inputs for commercial purposes” is worth knowing.
    • Consider local models for sensitive tasks. Open-weight models that run on your own hardware — which we’ll cover in a future post — give you the power of AI without the data surrender. It’s not free (you need compute), but it’s private.

    The Bottom Line

    Free AI is an incredible resource, and it’s not going anywhere. The providers offering it aren’t charities — they’re running a sustainable business model that extracts value in ways that may never touch your wallet but will touch your data.

    That’s not necessarily bad. But knowing the cost lets you make informed decisions about what you share, when you share it, and when you should invest in something that respects your privacy as much as your intelligence.

    What’s your threshold for pasting something into a free AI model? Do you have a “no personal data” rule, or do you treat it like a trusted colleague? I’d love to hear where you draw the line.

  • The Security Paradox: Why Open-Weight Models Might Be Safer Than Closed APIs

    The recent leak of Claude Code’s source code has reignited a classic debate in the tech world: is it better to keep your code a “black box” or to open it up to the world? While the immediate reaction to a leak is panic, many security researchers argue that the future of safe AI actually lies in open-weight models like Qwen or Llama.

    The Fallacy of “Security Through Obscurity”

    For years, companies have relied on the idea that if hackers can’t see the code, they can’t break it. This is known as “security through obscurity.” But as the Claude leak showed, obscurity is fragile. Once that single .npmignore line was missed, the entire fortress was exposed.

    In contrast, open-weight models operate on Lincoln’s Law: “Given enough eyeballs, all bugs are shallow.” When a model’s weights and architecture are public, thousands of independent researchers can audit it for biases, backdoors, and security flaws simultaneously.

    The “White-Hat” Advantage

    When a vulnerability is found in an open model, it’s usually patched quickly because the community is invested in its success. With closed APIs, users are forced to trust that the provider is fixing issues without any way to verify it. In the high-stakes world of AI agents—where a model might have permission to delete files or transfer money—this transparency isn’t just a nice-to-have; it’s a necessity.

    Balancing Openness and Safety

    Of course, open models aren’t a silver bullet. They can be misused by bad actors who want to strip away safety guardrails. However, the trend toward “open-weight” (where the model is free to use but the training data might remain proprietary) offers a middle ground. It allows for rigorous security auditing while still protecting the company’s core data assets.

    As we move toward more autonomous AI, the question isn’t whether we should open up our models, but how quickly we can build a security ecosystem that supports them.

    Do you trust closed AI models with your sensitive data, or do you prefer the transparency of open-weight alternatives? Let me know your thoughts.

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by