You are here
Acceptable Use of Generative Artificial Intelligence Tools
Background
Pitt Information Technology has a responsibility to protect University Computing resources, including University Data. There is a unique potential for users to misuse University Data when interacting with GenAI models and systems that are not approved by or provided by Pitt IT. Some GenAI models capture data submitted to their system, and to use that data for future training. In some circumstances, the raw data can be recovered by another user of the system after the GenAI system is trained with that data. When providing data to a GenAI model or system, it opens the risk that the data shared is exposed to parties that are not authorized to access that data.
Purpose
This Operating Standard describes and limits the types of Generative AI models and software that can be used with various classifications of University data. This standard also provides user responsibilities for the use of Generative Artificial Intelligence (GenAI). GenAI includes 1) the deep learning models that produce content, for example, text, images, or video from patterns in data that are provided to the model; and 2) any systems that use GenAI models, for example, Chat GPT, Grammarly, Notion AI, Microsoft Copilot. Users are responsible to guard against the inappropriate disclosure of protected University data when using GenAI.
Scope
This standard applies to University of Pittsburgh users providing data to GenAI models and systems in connection with University teaching, learning, research, business, and other activities.
Definitions
- GenAI Tool - Software interfaces such as Pitt GPT, Microsoft Copilot, Open AI Chat GPT, that mine information sources for various creative, problem-solving, and decision-making purposes. GenAI Tools may be standalone or integrated with other applications and services. (Copilot for Microsoft 365, for example, can be accessed from the Windows desktop or through Microsoft Office 365 applications. This kind of integration is not limited to Microsoft products.) It is important to note that AI technology is rapidly evolving, and new products and applications are emerging quickly.
- Public GenAI Tools are those readily available on the general market to anyone, whether free of charge or on a paid subscription basis.
- University GenAI Tools are those tools specifically approved for use with University data. An up-to-date list of these tools is available on the University Data Risk Classification website. Tools approved for use with University Private or Restricted Data interact with private University Large Language Models (LLMs) that do not share this data with other entities or the general public.
- Users – students, faculty, staff, contractors, guests, and any members of the general public granted permission to access and use University computing resources.
Use of GenAI Tools
Private and Restricted University data may only be used in conjunction with University GenAI Tools designated as approved for use with these classifications. Public data may be used with any GenAI model or system. Users must verify the approval status and data classifications permitted for any GenAI Tool before use. Users must request an evaluation of GenAI tools that have not yet been approved process.by initiating the Vendor Security Risk Assessment process.
Users must also be aware of their responsibilities as outlined in University Policy AO 10, Access to and Use of University Computing Resources that provides governance on prohibited activities and resource security or University computing resources.
When using any GenAI Tools, including approved University tools, users are responsible for:
- Being accountable for the use of their own output from GenAI and verifying the accuracy of all output obtained from GenAI.
- Using GenAI Tools only for legitimate purposes. Uses such as creating media impersonating or representing others without their permission or falsifying presentations of research data and/or research results are not legitimate uses.
- Refraining from malicious activities including disinformation, deception, or harassment of others.
When using Public GenAI Tools, users are also responsible for:
- Safeguarding the privacy of all individuals who have provided the University with personal information (including, but not limited to students, faculty, staff, community members, and research subjects) as well as respecting the intellectual property rights of others.
- Following all applicable laws, regulations, and University policies. See “Related Policies, Standards, and Additional Information” below for a non-exhaustive list.
- Exercising due diligence in identifying the intellectual property rights of others (including making derivate works) and following rules of fair use before using GenAI Tools in a manner that could violate others’ rights.
Noncompliance
Users must comply with this Operating Standard, University policy, and all applicable laws and regulations. Noncompliance may lead to disciplinary action consistent with University Policy, Staff Handbook, Faculty Handbook, Student Code of Conduct, or Collective Bargaining Agreements and may also result in suspension or termination of access privileges. Concerns relating to noncompliance may be reported through the Pitt Concern Connection and will be referred to the appropriate University authorities for review.
Related Policies, Standards, and Additional Information
University Policies
- Access to and Use of University Computing Resources AO 10
- Intellectual Property RI 10
- University Administrative Computer Data (UACD) Security and Privacy AO 35
- Use and Management of Social Security Numbers and University Primary ID (UPI)
Numbers CS 23 - Payment Card Handling and Acceptance FN 16
- Health Insurance Portability and Accountability Act CS 30
- Access to and Release of Education Records AC 04
- Computer Data Administration AO 11
- Guidelines on Academic Integrity – Student and Faculty Obligations
and Hearing Procedures AC 39
Pitt IT Operating Standards
Additional Information