The Confidential AI Checklist
The confidentiality of an AI system is expressed by its security and privacy guarantees
Our Criteria
Security Guarantees
- Prompts and metadata are never stored or logged beyond the processing of the request, whether for debugging, service management, or any other purpose
- The system provides provable guarantees about the exact model, model version, and operating environment for each and every request
- Prompts and metadata are guaranteed to never be used in training AI models
- Prompts and metadata are guaranteed to never be shared with a third party
Privacy Guarantees
- All interactions are provably guaranteed to be anonymous: no one can determine which user is associated with any individual interaction
- Prompts and metadata cannot be decrypted if the operator's LLM environment does not match what is claimed or expected
- A client can verify that its traffic is not being modified or tampered with via cryptographic controls
- The provider does not have access to inspect any private computation or user interactions
- No one can access unencrypted user data
Compliance Certifications
- GDPR: The General Data Protection Regulation, abbreviated GDPR, is a European Union regulation on information privacy in the European Union and the European Economic Area.
- SOC2: A security framework that helps companies demonstrate that they've implemented controls to protect customer data.
- CSA STAR (coming soon): The Security, Trust, Assurance, and Risk (STAR) Registry is a publicly accessible registry that documents the security and privacy controls provided by popular cloud computing offerings.
Get guarantees, not promises
Finally, AI is available for private, secure, and compliant use cases