The latest PwC insight shows that many CEOs have embraced the efficiencies that generative AI can bring to their business, with 51% of respondents saying they had already integrated AI into business operations. However, software development specialist, Global Kinetic, has warned that IT leaders should still exercise some caution, especially as global regulators move towards consensus.
The latest 27th PwC Annual Global CEO survey shows that 70% of the 4 702 respondents expect generative AI (gen AI) to significantly change the way their company creates value over the next three years. However, their enthusiasm was tempered in the longer term, with concerns around the need to upskill their workforce, deal with security, as well as a considerable 52% saying they had concerns about legal liabilities and reputational risk.
“Software leaders are experimenting with AI, but it’s abundantly clear that not all gen AI is ready to take centre stage just yet. As more companies begin to roll out the technology into their daily operations there is still room for some serious missteps, especially for software dev teams – both in-house and contractors. This becomes more complicated when operating in an opaque regulatory environment,” warned Dewald Mienie, Global Kinetic head of architecture and technology.
Regulators are playing catch-up
As with most new tech regulations, the EU is at the vanguard when it comes to AI regulations. The Union proposed the AI Act in 2021 to protect citizens and ensure better conditions for the development and use of AI technologies.
While 31 countries have already passed individual AI laws and a further 13 are debating them, South Africa has yet to pass any. The country does however have solid IP law and robust privacy laws, and in November 2022, the communication and digital technologies department established the AI Institute of SA, which was founded on the vision set out by the Presidential Commission on the Fourth Industrial Revolution (PC4IR).
However, with the majority of Southern Africa’s CEOs (71% according to KPMG’s 2023 Southern Africa CEO outlook), saying gen AI was a top investment priority, Mienie said the country’s tech leaders must proceed with caution.
Can you trust the source?
When it comes to software development, AI has already made itself incredibly useful. Many software leaders are leaning into the efficiencies that can be easily and relatively cheaply gained by using AI to write simple code. However, Mienie said the lure of this cheap labour can trip some up.
“While we all worry about protecting our IP and where it is being stored, and with whom it is being shared, we often forget to question the source of the data that the machine has learned from as it now starts producing our code. Companies must be able to produce a set of code that clearly isn’t infringing on their competitors and this can be very difficult if developers aren’t sure where the gen AI is sourcing its inspiration from.”
He said the AI system can also create a host of security challenges.
Mienie said when a software developer generates code with ChatGPT, the programme will also tell you what libraries it uses. But since ChatGPT also infers certain things, it can, for example, make use of or generate a library that does not exist. This means bad actors simply have to search for these fake libraries, taking advantage of any number of attack vectors that can be implemented, as they get pulled into a company’s system.
Take a risk-based approach
Mienie said companies should take a risk-based approach to privacy when using programmes such as Copilot which plug into a company’s Integrated Development Environment (IDE). While there may be AI privacy guarantees, he says a development company or department can never be certain how much of their code is being stored on remote servers.
“While there is no reason to assume that AI companies are maliciously holding onto your data, there is an expectation that software leaders will do all that is necessary to protect their unique IP. This is especially the case for smaller companies which would be hard pressed to go up against any of the big AI companies to prove in court that their code was being unfairly used,” Mienie said.
Mienie also points out that Copyright Shield, which gives enterprise clients employing OpenAI’s software for various tasks legal cover in the case of a copyright infringement case, could actually work against smaller companies when it comes to protecting their work.
Given the lack of consistent global regulatory clarity, Mienie suggests that software leaders are transparent with clients, declaring that they are using AI tooling for efficiency gains and acknowledging that there may be a small risk that IP could be leaked. The difference between on-premises AI tooling and cloud-based tooling should also be pointed out.
By including an AI opt-out clause in the client contract, software developers are protecting themselves and being transparent with clients.
Despite the risks of gen AI, Mienie says companies don’t have the luxury of waiting to see how the technology matures.
“The best approach is to identify low-risk products that can quickly and easily help improve your productivity. Once there is more security around regulations you can roll it out more broadly within your organisation. For now, the most important lesson for software developers is that they should not assume gen AI will always act with their best interests at heart and they should ensure both they, and their clients, are properly informed and protected.”
About Global Kinetic
Global Kinetic is a software business with extensive experience and expertise in delivering enterprise grade software engineering and digital transformation projects. Trusted across multiple global industries, and with deep expertise in banking and fintech, Global Kinetic has pioneered innovative solutions to complex enterprise projects for almost 20 years. A mature and perfected managed team approach guarantees high quality and predictability, augmented by unique strategic technology consulting services and software delivery accelerators. With just over 120 permanent employees in Cape Town, Palo Alto and Cypress and in other remote places around the world, Global Kinetic is a proponent of agile, cloud, mobile and enterprise software engineering.
- Read more articles by Global Kinetic on TechCentral
- This promoted content was paid for by the party concerned