Hi,
On 18/02/26 at 23:37 +0100, Lucas Nussbaum wrote:
> 7. **Confidentiality and Privacy:** Contributors must not use generative AI
> tools with non-public or sensitive project information (such as embargoed
> security reports or private communication), as this may lead to the
> unintended disclosure of confidential data to the tool’s providers.
In private feedback, it was pointed out to me that this would
unnecessarily forbid the use of local-running models, or of a
hypothetical Debian-provided inference server.
I've updated my draft with:
7. **Confidentiality and Privacy:** Contributors must not use generative AI
tools that transmit data to untrusted providers with non-public or
sensitive project information (such as embargoed security reports or
private communication), as this may lead to the unintended disclosure of
confidential data.
word-diff:
7. **Confidentiality and Privacy:** Contributors must not use generative AI
tools {+that transmit data to untrusted providers+} with non-public or
sensitive project information (such as embargoed security reports or
private communication), as this may lead to the unintended disclosure of
confidential [-data to the tool’s providers.-]{+data.+}
Lucas
