{"id":31426,"date":"2026-02-12T17:25:03","date_gmt":"2026-02-12T20:25:03","guid":{"rendered":"https:\/\/www.tedic.org\/?p=31426"},"modified":"2026-02-20T17:44:28","modified_gmt":"2026-02-20T20:44:28","slug":"secure-prompting-for-the-use-of-artificial-intelligence","status":"publish","type":"post","link":"https:\/\/www.tedic.org\/en\/secure-prompting-for-the-use-of-artificial-intelligence\/","title":{"rendered":"Secure prompting for the use of artificial intelligence"},"content":{"rendered":"\n

By Fernanda Carl\u00e9s<\/em><\/p>\n\n\n\n

In recent years, the use of artificial intelligence tools has become almost inevitable. In many workplaces, and particularly in civil society organizations, AI appears as a way to \u201cdo more with less\u201d: write faster, organize ideas, summarize long documents, prepare draft reports, develop project concepts, or analyze information.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

The demands of today\u2019s labor market push in that direction: speed, efficiency, and immediate responsiveness are expected. In this context, chatbots can be a useful and even positive tool for work in human rights, environmental advocacy, education, health, or communications. Denying this would be unrealistic.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

The problem is that these tools do not exist in a vacuum\u2014at least not in the way they are currently built and made available to the public. They operate within a business logic based on data accumulation. Most current generative AI systems are developed by private companies whose models rely, directly or indirectly, on collecting information, training models, and scaling products. This has clear implications for privacy and security.<\/p>\n\n\n\n

At the same time, many of these technologies are relatively new. They are startups or rapidly evolving products, with documented histories of security incidents, data leaks, and vulnerabilities.<\/span>1<\/sup><\/a><\/span> <\/span>2<\/sup><\/a><\/span> We are not talking about hypothetical risks. Data extraction, unauthorized access, or opaque changes to terms of service have already occurred\u2014and will continue to occur.<\/p>\n\n\n\n

In this context, this article does not aim to demonize AI or promote its uncritical use. It seeks something more modest\u2014and more urgent: to propose basic security guidelines for using AI without putting people, communities, or organizations at risk.<\/strong><\/p>\n\n\n\n

Tip 1: Anonymizing prompts is not optional<\/strong><\/p>\n\n\n\n

In social organizations, the risk rarely comes from \u201cmalicious\u201d uses of AI, but rather from hurried and routine use. We open a chatbot to unblock a task, type a prompt almost without thinking, and\u2014without realizing it\u2014introduce information that never needed to leave our workspace.<\/p>\n\n\n\n

When we work with people, especially in contexts of vulnerability, violence, reporting, or exclusion, that excess information can violate rights\u2014not only the rights of those we support, but also those of our own organizations. It is not uncommon for prompts to include details about team members, internal dynamics, conflicts, ongoing projects, funding sources, or even financial movements, simply because we think it will \u201chelp the AI understand better.\u201d<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

The problem is that once shared, that information leaves our direct control. And it is important to recognize that we do not need to compromise our privacy\u2014or that of our organization or the people we work with\u2014to obtain good results. There are ways to use AI effectively without exposing sensitive information, and one of the most important is prompt anonymization.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Anonymizing the information we share in a chatbot protects us not only against extreme scenarios\u2014such as a massive data breach by the service provider, a risk that, as mentioned, is not merely hypothetical\u2014but also against far more ordinary situations. Personal account security failures, hacking, unauthorized access, or even the theft or loss of devices without adequate protection measures can turn a careless prompt into a source of unnecessary exposure.<\/p>\n\n\n\n

What does it really mean to anonymize a prompt?<\/strong><\/p>\n\n\n\n

Anonymizing is not just about removing names. It is a broader process that begins with identifying what constitutes personal or sensitive data, and understanding that identification rarely happens solely through explicit labels like a name or ID number. Very often, people become identifiable through the surrounding information.<\/p>\n\n\n\n

Exact age, neighborhood, type of work, approximate date of an event, family composition, health condition, institution involved, role within an organization\u2014each of these data points may seem harmless in isolation. But when combined, they function like a fingerprint. Even without names, that combination can allow someone to recognize the individual, especially in small communities, geographically limited contexts, or highly specific sectors such as civil society work.<\/p>\n\n\n\n

This phenomenon is particularly relevant when working with vulnerable populations. In many cases, it does not require malicious intent for someone to identify a person. Sometimes it is enough to know the territory, the team, or the local context for an \u201canonymized\u201d description to become obvious. For this reason, anonymization cannot be reduced to mechanically deleting data\u2014it requires a conscious exercise of abstraction and care.<\/p>\n\n\n\n

As a general rule, certain types of information should never be included in a prompt, even if the intention is \u201cjust to ask for help\u201d:<\/p>\n\n\n\n