Follow up on change in AWS terms of service related to use of customer data for AI/ML uses

[ccostino]

We recently learned that AWS has updated their terms of service regarding the use of customer data for improving AI (artificial intelligence) and ML (machine learning) products that we need to account for.

Specifically, section 50.3 in the AWS terms of service states that customer data may now be used for AI/ML products to train them and for future improvements unless you explicitly opt out of this by setting a new policy in your account to exclude your data.

There are several concerns from a security compliance standpoint about this and we need to better understand the implications of this change and likely add this policy to our AWS accounts or coordinate with other TTS teams to get the policy added elsewhere. There are instructions for how to add the AI opt out policy to your organization here.

Implementation Sketch and Acceptance Criteria

• [ ] Follow up with other TTS colleagues and teams to determine the appropriate course of action
• [ ] Reach out to TTS Tech Portfolio to determine if we need to set the policy ourselves or if it should be done at a higher level
• [ ] Set and activate the policy where needed
• [ ] Document the change(s) so we have a record of this (TBD where - please ask if this isn't noted here by the time it's being worked on)

Security Considerations

• We want to make sure we are not exposing data where we should not be based on this change in terms of service.

[ccostino]

We haven't formally pulled this in yet but there's already a conversation going on internally amongst several folks and teams that I've been tracking.