Confidential documents and conversational AI

Confidentiality is key in any profession, especially as it related to client-consultant relationships. I’m hard pressed to find confidentiality foregrounded in architectural codes of practice, but it is crucial in law and financial services. The Handbook of the Financial Conduct Authority, for example, states that a financial advisor (a “skilled person”)

“may not pass on confidential information without lawful authority, for example, where an exception applies under the Financial Services and Markets Act 2000 … or with the consent of the person from whom that information was received and (if different) to whom the information relates.”

Can providers of professional services deploy conversational AI platforms to supplement or even replace some of their consultation roles. In most real-world professional services delivered entirely by humans the “skilled person” exists within a network of relationships. Not every agent in that network needs to have full information. Nor, in the interests of client or proprietary confidentiality, should they. Here’s an example of the challenge.

Asking for a loan

Imagine that a loan company says it will issue me with a reverse mortgage (equity release) on my house if I have over £200k share in the property, if I am over the age of 55, I have a regular income above £20k per year, and I’m not supporting any dependents. The data showing that I meet those criteria is confidential. I don’t want creditors, associates or family members to see it. Imagine that I meet the criteria for the reverse mortgage. I could ask the loan company to confirm that I am eligible, but please don’t disclose the conditions or the facts to anyone else. I will take the firm’s reply as certification of my eligibility and just show that to a relevant third party, e.g. a vendor, debtor, bank, etc.

That’s not so difficult for human agents to manage in a professional contexts, as long as the players know their roles, what they can and cannot say and are committed to appropriate confidentiality protocols.

I’ve put the scenario to a conversational AI (ChatGPT3) session, stating the conditions for the reverse mortgage, delivered my data, and asked it in its reply to please confirm that I am eligible, but without disclosing any of my data in that reply. I would treat its reply as certification to show to a third party.

It was a complicated request to put to an AI, which would benefit from the ability to do some rudimentary calculation and rule-based logic, but the GPT3 platform balked at the idea that it was being asked to preserve confidentiality, making the obvious case that the platform relies on training from corpora of texts from diverse sources, including (possibly) conversations such as this one. (I’ve not yet tried this with GPT4.)

Zero-knowledge proof

What I was doing was attempting to invoke from the conversational AI platform aspects of the performance of a zero-knowledge proof (ZKP) service. According to a helpful blog by Lexie.

Zero-knowledge proofs are encryption schemes used to prove that you know something without revealing what it is. For example, you can show without a doubt that you know the answer to a puzzle without actually disclosing the solution.

I was asking the AI to confirm that something was true without disclosing how it knew that. Conversational AI might indeed benefit from ZKP strategies to secure its data, but as yet seems unable to perform that professional function in conversational mode, as would a (human) professional agent.

Conversational AI is so far modelled on the performance of two agents (the user and the platform) interacting with one another, and as yet does not handle multiple synchronous and asynchronous interactions between groups of agents, amongst whom varied protocols of confidentiality apply.

Top secret documents

Another example is the requirements of a jury to decide on a case that involves the theft of top secret and highly classified documents. How can jurors and lawyers reason about the content of those documents without having the necessary security clearance, i.e. without knowing the content or even the value of those classified documents?

I asked ChatGPT how it could help in such a case. Helpfully, it outlined six strategies to address the challenge, including document redaction, use of expert testimony and extending security clearances. It drew attention to its potential role in research, definitions, advice, procedures, and sorting documents in relation to the case, but abrogated any role as juror or legal agent:

“while a conversational AI platform can provide valuable assistance, it cannot replace the expertise and judgment of human legal professionals. Its role is to provide information, support research, and offer guidance within the legal framework established by the court and relevant authorities.”

When I put to it the potential role of zero-knowledge proof it provided helpful information about how ZKP could be deployed for this confidential documents case, but did not offer it as a service that could be accomplished by current conversational AI. I pressed it on prospects and it explained the benefits of generating, verifying, explaining, integrating and protecting ZKP measures in future iterations of conversational AI.


Leave a Reply