Module 4: Risks and Responsibility
Prompt injection, privacy, vendor dependency, IP, regulatory exposure, and ethical considerations.
Outline
- Risks with agentic tools: prompt injection, unpredictable behaviour, data exfiltration
- Risks with cloud AI providers: privacy, telemetry, vendor lock-in, service degradation, cost risk
- Licensing, intellectual property, and copyright: unsettled law, license contamination
- When NOT to use AI coding tools: safety-critical systems, classified work, regulatory contexts
- Reproducibility and determinism challenges for data science
- Ethical considerations: environmental impact, societal harms, military applications
- Regulatory landscape: EU AI Act, Canadian AIDA, US executive orders
- It is not just about you: helping your organization reason about these risks
Learning Objectives
- Identify and explain the major categories of risk in AI-assisted development: agent safety, privacy, vendor dependency, legal/IP, regulatory, and ethical
- Describe how prompt injection works and articulate the threat model for agentic coding tools
- Assess the privacy, cost, and reliability risks of depending on cloud AI providers
- Explain the current legal landscape around AI-generated code, including IP ownership, license contamination, and the status of pending litigation
- Identify contexts where AI coding tools should not or cannot be used, and explain why
- Recognize the reproducibility challenge that non-deterministic code generation poses for data science