BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

10 Considerations When Developing A Bot To Filter Sensitive Information

Forbes Technology Council
POST WRITTEN BY
Expert Panel, Forbes Technology Council

Bots are well-suited for repetitive tasks that require sifting through tons of information. Because of this, they can be applied correctly to the job of filtering sensitive information. However, this filtering of information requires that both the input and output system, as well as the information feed, are set up correctly to enable accurate results.

Sensitive material comes in multiple forms, and bots need to be able to detect each of these, no matter how obscure they are. Feedback about the process must also be considered, as well as continual iteration to improve its efficiency. Below, members of Forbes Technology Council define 10 core considerations when implementing a bot to filter sensitive data.

1. Improve Algorithms Regularly

Filtering sensitive material should be an ongoing process as content is constantly changing in terms of topics and structure. For this reason, it's important to follow trends and improve algorithms regularly. - Ivailo Nikolov, SiteGround

2. Use Complex Filtering

You can’t use simple filters -- complexity is required. Simple filters are what causes these bots to become hated, as they often impact outside of their intended use. Certain communities that operate within these e-environments, such as academics, can be limited. So, if possible, add customization for users. The bot will always have to analyze each part of information, anyways. - Artem Petrov, Reinvently

3. Build In Configurable "Quarantines"

Any automated filtering is prone to false positives (the filtering of suspected material that isn't truly sensitive) and false negatives (sensitive information slipping through). Built into every AI bot filtering implementation should be a configurable "quarantine" process for humans to review the ongoing accuracy of the implementation and a process to respond to misclassification. - Steve Pao, Hillwork, LLC

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?

4. Avoid Unintentional Bias

I think it is important to consider if one is unintentionally programming their own biases into the bot. It is easy to do this and important to keep in mind that one's biases are not always correct. Especially when dealing with sensitive material, extra attention should be paid to ensure the bot is filtering the material fairly! - Swish Goswami, Trufan Inc.

5. Take Diversity Into Consideration

You have to be wary of cultural differences in your user base to make sure you are not incorrectly filtering information that can cause offense or that may be inappropriate. - Rahul Patel, Persistent Systems

6. Make Sure It Obeys Privacy Laws

Make sure that the bot is obeying privacy and security laws while still managing to do its job at the utmost capacity. These bots must be fluid and dynamic, adapting to the e-environment as it changes. This way, filtering becomes non-static but fluid, and the bots can keep up with the changes that frequently happen. - Alexandro Pando, Xyrupt Technologies

7. Consider The Local Context

Sensitive material is defined differently in the Chinese Cybersecurity law, GDPR in Europe, CCPA in California, etc. More regulations are being written as you read this article, and the fines are huge. A bot that is filtering sensitive material must know and understand both the context (PII, PHI, Intellectual Property), and the location in which the data resides and in which the data will be used. - Michael Coden, BCG Platinion, a subsidiary of Boston Consulting Group

8. Know Your Data

There are two things I would think need to be defined. The first is a clear definition of the data types that are considered to be sensitive and the second is what response is considered acceptable by the bot once sensitive data is identified in a data flow. Both of these issues will need to be continually managed, as they will change due to business operations or changing regulations. - Gary Hayslip

9. Don't Forget About Logs And Exception Reporting

When filtering out sensitive information, don't forget secondary channels like exception/request logs. I've seen so many excellent filtering implementations write to plain-text logs the very information they were meant to filter out.  Few things are as jarring as seeing social security numbers scrolling by in server logs and alert emails. - Mike Sandler, Eligo Energy, LLC

10. Use Secure Recording Mode

Enterprises wanting to filter sensitive material while programming a bot can use the “secure recording mode” option for capturing a process to program a bot. If secure recording mode is enabled, the recorder will not capture any sensitive data. The same also applies at run time and the bot automatically filters sensitive data. - Sanjay Srivastava, Genpact