Skip to main content
Question 4 — Which approach to data privacy in LLM applications represents a best practice according to ethical AI principles?
  • Collecting all available user data to improve model performance.
  • Implementing data minimization and purpose limitation.
  • Storing user interaction data indefinitely for future analysis.
  • Sharing user data across applications without specific consent.
Answer: Implementing data minimization and purpose limitation.
Implementing data minimization and purpose limitation means collecting only the data strictly necessary for a stated purpose and not using it beyond that purpose without additional consent. This approach balances utility with privacy and aligns with ethical and legal data-protection frameworks.
The image presents a multiple-choice question about data privacy best practices in LLM applications, with the correct answer being "Implementing data minimization and purpose limitation." A detailed explanation of this choice is provided below the answer.
Why this is the best practice
  • Data minimization: Collect only the data required to deliver the requested functionality (for example, short-lived session context needed to fulfill a prompt). Avoid broad, unrelated telemetry or personal data collection.
  • Purpose limitation: Define and document the explicit purposes for data collection up front. Do not repurpose data for analytics, training, or third-party sharing without clear, informed consent.
  • Privacy-preserving controls: Use technical controls such as role-based access control, end-to-end encryption (in transit and at rest), aggregation, anonymization/pseudonymization, and techniques like differential privacy when aggregating usage data for analytics or model improvement.
  • Retention and disposal: Implement and enforce retention schedules so personal or sensitive data is deleted or irreversibly anonymized once it is no longer needed.
  • Transparency and user rights: Provide clear privacy notices, enable users to access, correct, or delete their data, and require explicit consent for new processing activities beyond the original scope.
Comparison: approaches and risks Why the other options are harmful
  • Collecting everything: Indiscriminate collection increases exposure to breaches and regulatory penalties while offering diminishing returns on model performance.
  • Storing indefinitely: Long retention periods multiply breach impact and often violate data-protection principles like storage limitation.
  • Sharing without consent: Unconsented sharing undermines user trust and usually contravenes legal frameworks such as GDPR, CCPA, and other privacy laws.
Key takeaways
  • Adopt a privacy-by-design posture: bake minimization, purpose limitation, and retention policies into system design and development workflows.
  • Use technical and organizational safeguards together: encryption, access controls, logging, and regular audits.
  • Document policies and obtain explicit consent for secondary uses or model training that rely on user data.
  • Monitor legal and ethical guidance: stay aligned with frameworks such as GDPR, ISO 27001, and NIST privacy recommendations.
Further reading and references

Watch Video