Feature flags and AI ConfigsAI ConfigsOperate AI ConfigsManage AI Configs

AI Configs and information privacy

Overview

This topic describes how the LaunchDarkly AI Configs product treats personally identifiable information (PII).

Privacy and PII in LaunchDarkly

End-user data is information about your customers that your application sends to LaunchDarkly as part of a context. End user data can include PII, including names, email addresses, or other unique identifiers, depending on how you define your context attributes.

The AI Configs product works similarly to LaunchDarkly feature flags with respect to PII in end-user data. Specifically:

  • We recommend that you use private attributes when you target on PII or other sensitive data. To learn more, read Minimizing LaunchDarkly’s access to end user data.
  • If your organization prohibits sending PII to AI providers, then you must take care not to include PII in any of the context attributes that you reference in the messages in your AI Config variations. LaunchDarkly does not have guardrails that prevent you from sending PII from your application to LaunchDarkly, or from LaunchDarkly to a third party, such as an AI model.

LaunchDarkly and AI models

When you work with AI Configs, LaunchDarkly does not send prompts, context attributes, or variation configuration to any AI provider. LaunchDarkly does not proxy model responses and does not use any information you provide to fine-tune or train any models. This includes information you provide when you create an AI Config and its variations, as well as information included in context attributes. If you choose to use AI Configs Playground or Evaluations, you will be required to input API keys from your model providers. LaunchDarkly will send your prompts, context attributes, and evaluation criteria to the models and API providers you specify using your credentials, under the terms of your existing agreements.

If you use variables within your AI Config variation messages, either from a context attribute or directly from your application, LaunchDarkly substitutes the values of those variables into the message. If your organization prohibits sending PII to AI providers, then you must take care not to include PII in any of the variables that you reference in the messages in your AI Config variations.