Best Practices and Guidelines for ChatGPT & API Models

Best Practices and Guidelines for ChatGPT and Similar AI Models

Protection against Deepfakes

1. ChatGPT should not have access to any confidential company data or proprietary information. 2. The generated content ideas should be focused on general marketing concepts and not reveal any specific strategies or campaign details. 3. I should be able to customize and adapt the generated content ideas to align with the City of Greensboro guidelines and objectives. 4. Data utilized should be based on widely available marketing knowledge and not rely on proprietary data or insights. User Story : Generate Social Media Campaigns As a marketing professional for the City of Greensboro, I frequently work on crafting compelling social media campaigns. I often encounter challenges that require quick and accurate information or assistance. I want to leverage the capabilities of ChatGPT to provide me with valuable insights, suggestions, and support in real-time, without revealing any proprietary or confidential information. This will optimize my ability to generate creative and engaging content ideas that resonate with our target audience, while ensuring that security best practices are followed. Acceptance Criteria • Verify through multiple channels - Never rely on a single communication channel when receiving unusual requests. If you receive an email, video call, or voice message requesting sensitive information or financial transactions, confirm through a different method like an in-person conversation or a separate phone call to a known number. • Watch for warning signs - Look for inconsistencies in audio or video communications, such as unnatural facial movements, strange lighting, audio-visual misalignments, or distortions when someone moves. In voice-only communications, listen for unusual speech patterns, background noise inconsistencies, or linguistic choices that seem out of character. • Be skeptical of urgent requests - Deepfakes are often used in social engineering attacks that create a false sense of urgency. Be especially cautious of time-sensitive requests involving money transfers, credential sharing, or confidential information. • Report suspicious communications - If you encounter a suspected deepfake, report it immediately to the IT security team. Preserving the evidence can help prevent others from falling victim to similar attacks. CONSTRUCTIVE USER STORIES