CP
cyberpings
AI & SecurityMEDIUM

AI Security - GitHub Uses User Data for AI Training

HNHelp Net Security
GitHubCopilotAI trainingdata privacy
🎯

Basically, GitHub will use your coding data to make its AI better unless you say no.

Quick Summary

GitHub is changing how it uses user data for AI training. This affects Copilot Free, Pro, and Pro+ users. Understanding these changes is vital for your data privacy.

What Changed

GitHub recently announced a significant update regarding how it utilizes user data to enhance its AI-powered coding assistant, Copilot. Starting April 24, interaction data from users of Copilot Free, Pro, and Pro+ will be collected to train and improve GitHub's AI models. This change does not affect users of Copilot Business and Copilot Enterprise, who will continue to have their data excluded from such training unless they opt in.

The decision to incorporate user interaction data marks a shift from GitHub's previous practice of relying solely on publicly available data and curated code samples. Now, the company aims to leverage real-world developer interactions to refine its AI capabilities, which include generating more accurate code suggestions and identifying potential coding issues earlier in the development process.

Who's Affected

This update primarily impacts users of Copilot Free, Pro, and Pro+ versions. If these users do not opt out, their interaction data—including prompts, generated suggestions, and feedback—will be used for model training. However, users who have opted out previously will not be affected by this change and do not need to take any further action.

Importantly, GitHub assures that data from private repositories, issues, and discussions will not be utilized for training purposes. This means that sensitive information remains protected, and only interaction data from users who consent will be used.

What Data Will Be Used

The data that GitHub plans to collect includes various aspects of user interactions with Copilot. This encompasses:

  • Prompts sent to Copilot
  • Suggestions generated by the AI
  • Accepted or modified outputs
  • Code context, comments, and documentation
  • File names and repository structure
  • User feedback on suggestions

By analyzing this data, GitHub aims to better understand developer workflows and improve the overall performance of its AI models. The company emphasizes that this data will be shared only with its affiliates, such as Microsoft, and not with independent third-party AI model providers.

What You Should Do

For users concerned about privacy, it is essential to review your settings in GitHub. If you wish to opt out of having your interaction data used for AI training, you can do so easily. Those who prefer to contribute to the improvement of GitHub's AI models can continue using the service without any changes.

As GitHub's CPO, Mario Rodriguez, stated, “Your contributions make a meaningful difference in building AI tools that serve the entire developer community.” Staying informed about these changes can help you make better choices regarding your data privacy while enjoying the benefits of AI-assisted coding.

🔒 Pro insight: GitHub's shift to user data for AI training reflects a growing trend in tech, emphasizing the need for transparency in data usage.

Original article from

Help Net Security · Anamarija Pogorelec

Read Full Article

Share

Related Pings

MEDIUMAI & Security

AI Security - OpenAI Expands Bug Bounty for Safety Risks

OpenAI has launched a new Safety Bug Bounty program to address AI abuse and safety risks. This initiative invites researchers to report vulnerabilities that traditional security measures may overlook. It's a significant step towards enhancing AI safety and protecting users from potential harm.

Infosecurity Magazine·
HIGHAI & Security

AI Deepfake - Brit Lawmaker Confronts Big Tech Executives

A British lawmaker confronted Big Tech over an AI deepfake scandal. The incident raises critical concerns about misinformation's impact on democracy. Tech giants struggled to provide answers, highlighting the need for accountability.

The Register Security·
HIGHAI & Security

AI Security - Supply Chain Attack Targets LiteLLM Gateway

A serious supply chain attack has compromised the LiteLLM AI gateway, impacting sensitive data across multiple organizations. This incident highlights the risks of software vulnerabilities. Immediate action is required to secure affected systems and prevent data theft.

Kaspersky Securelist·
HIGHAI & Security

AI Security - Key Issue for Voters in US Midterms

AI regulation is heating up as the US midterms approach. Trump's recent executive order limits state control, raising alarms among voters. This shift could redefine political alliances and impact future policies.

Schneier on Security·
MEDIUMAI & Security

AI Security - OpenAI Launches Safety Bug Bounty Program

OpenAI has launched a new Safety Bug Bounty program to identify AI-specific vulnerabilities. This initiative targets safety risks that traditional security measures may miss. It's a significant step towards enhancing AI system protection and addressing unique challenges in AI security.

Cyber Security News·
MEDIUMAI & Security

AI Security - DataBahn Introduces In-Stream Intelligence

DataBahn has unveiled AIDI, a revolutionary system for security data pipelines. This innovation helps organizations ensure data integrity and speed up threat detection. With AIDI, security operations become more efficient and effective. Organizations can now trust their data before it reaches critical systems.

Help Net Security·