Overview

Privacy and security are foundational principles of Responsible AI and a key topic on the AI-900: Microsoft Azure AI Fundamentals exam. These considerations focus on protecting personal data, maintaining user trust, and safeguarding AI systems from unauthorized access or misuse.

For AI-900, candidates are expected to understand why privacy and security matter, recognize scenarios where they apply, and identify how they relate to the responsible use of AI — not to implement technical security controls.

---

What do privacy and security mean in AI?

• Privacy refers to protecting personal and sensitive data used by or generated from AI systems.
• Security refers to protecting AI systems, data, and models from unauthorized access, attacks, or misuse.

AI solutions often rely on large volumes of data, which makes safeguarding that data critical.

---

Why privacy and security are important

AI systems frequently process sensitive information such as:

• Personal identifiers (names, addresses, IDs)
• Images or videos of people
• Voice recordings
• Text containing confidential or proprietary information

If privacy and security are not properly considered, AI solutions can expose personal data, violate regulations, and lose user trust.

---

Examples of privacy and security concerns

Common real-world scenarios include:

• Facial recognition systems collecting biometric data without consent
• Chatbots storing or exposing personal information shared by users
• Document processing systems handling confidential financial or legal documents
• Generative AI systems unintentionally revealing sensitive training data
• Unauthorized access to AI models or datasets

In each case, the concern is how data is collected, stored, protected, and used.

---

Privacy and security across AI workloads

Privacy and security considerations apply to all AI workloads, including:

• Machine learning models trained on personal or sensitive data
• Computer vision systems analyzing images or video of people
• Natural language processing systems processing user text or conversations
• Speech AI systems handling voice recordings
• Generative AI systems creating or using content based on user input

Any AI system that uses personal or sensitive data must prioritize privacy and security.

---

Key privacy considerations

High-level privacy concepts tested on AI-900 include:

• Collecting only the data that is necessary
• Using data responsibly and for intended purposes
• Protecting user consent and expectations
• Preventing unintended data exposure

These considerations help ensure ethical and lawful use of data.

---

Key security considerations

Security-related concepts include:

• Preventing unauthorized access to AI systems and data
• Protecting AI models from tampering or misuse
• Ensuring secure storage and transmission of data

While AI-900 does not test technical security mechanisms, you should recognize when security is a concern in AI scenarios.

---

Microsoft’s approach to privacy and security

Privacy and security are core components of Microsoft’s Responsible AI principles. Azure AI services are designed to meet enterprise-grade security and compliance standards, helping organizations build AI solutions that protect data and users.

---

Key takeaways for the AI-900 exam

• Privacy protects personal and sensitive data
• Security protects AI systems and data from unauthorized access
• Privacy and security apply across all AI workloads
• AI systems must handle data responsibly and securely
• Privacy and security are essential to building trustworthy AI solutions

Recognizing privacy and security concerns in AI scenarios is essential for success on the AI-900 exam.

---

Go to the Practice Exam Questions for this topic.

Go to the AI-900 Exam Prep Hub main page.