You don’t need a ChatGPT ban. You need a ChatGPT policy.

I have heard of a number of companies banning their employees from using ChatGPT or making it inaccessible on company networks because of some very valid concerns over the reliability of its output and the security of data pushed into the prompts.

This seems misguided. To ban ChatGPT means turning your back on enormous productivity improvements for your whole team. And more importantly, your team isn’t learning how to use this new technology: what its limitations are, what it’s super powers are, and what the non-straightforward second order effects and opportunities for your industry might be.

I think most companies could manage the risk with a small amount of training and a simple ChatGPT policy:

I propose the following ChatGPT policy:
1) You must have your drivers licence.
You must have attended training on best practices, potential risks and obligations.  That means understanding what you can use it for, and what you can’t.  This also means understanding the rest of this policy well. 

2) You must take accountability for the final output.
Every fact from ChatGPT must be verified.  The employee must take full accountability for the final document/ presentation/ mail. No using ChatGPT for facts. Ever.

3) You must maintain confidentiality.
No personal data or highly sensitive company information must be used in any prompt.

4) You must make full disclosure when ChatGPT underpins tools.
All users of any tool that uses the ChatGPT API should be made aware of how it is being used so they can watch out for misfires. (Perhaps its worth having a central point where all of these are registered)

5) You must take special care in external facing use.
Explicit permission should be required for ChatGPT powered chat bots or other tools that interface directly with 3rd parties like customers or suppliers. This is a huge potential brand risk if not managed properly

With that in place, I think there can be a season of safe experimentation. ChatGPT can go wrong in significant ways.  But the first order personal productivity impact is enormous, and the second order effects are going to huge for any company that deals in words. 

Why not buy a ChatGPT-plus license for whoever was most eager and getting them to run sessions sharing best practices. But be very sure they understand the risks, and limitations.

What else do you think would need to be in policy? I have focused on large language models but it probably should be for all AI based tools. Please share your thoughts!