Every cloud and AI certification now includes a section on responsible AI. This is not box-ticking — bias, hallucination, privacy, and copyright failures have produced real lawsuits, real regulatory fines, and real harm to users. This lesson surveys the main risks and the frameworks built to manage them.
Bias and Fairness
An ML model is only as fair as the data it was trained on. Bias enters through:
- Sampling bias: Training data over-represents some groups and under-represents others.
- Label bias: The humans who labelled the training data brought their own biases to the labels.
- Historical bias: Past decisions embedded in the data reflect past discrimination — even if the data is "accurate".
- Deployment bias: The model is used in a context different from the one it was trained on.
Famous failures: a hiring tool that downgraded CVs containing the word "women's"; facial recognition systems with much higher error rates for darker skin tones; medical algorithms that under-prioritised Black patients because they used historical healthcare spending as a proxy for need.
Common fairness metrics: demographic parity (equal positive rates across groups), equal opportunity (equal true positive rates), equalised odds (equal true and false positive rates). These metrics often conflict — you usually cannot satisfy all of them simultaneously. Picking the right one is a values decision, not a technical one.
Hallucination in LLMs
An LLM does not "know" facts — it predicts plausible token sequences. When the right answer is not strongly represented in its training data, it will confidently invent one. Famous examples include lawyers who cited LLM-generated case law that did not exist (and were sanctioned by judges).
Mitigations:
- RAG: Ground answers in retrieved documents (covered in the previous lesson).
- Citations: Require the model to quote its source for every claim.
- Verification: For factual queries, run a second pass that checks claims against a trusted source.
- Lower temperature: Reduces randomness, but can also reduce useful creativity.
- Refusal training: Modern models are trained to say "I don't know" rather than guess — though imperfectly.
Privacy
Three distinct privacy concerns:
- Training-data leakage: LLMs can be coerced into reproducing verbatim text from their training data, including personal information.
- Prompt-time PII: When users paste personal data into a hosted LLM, that data may be logged, used for training, or breached.
- Re-identification: Combining seemingly anonymous outputs can identify individuals.
Defences include differential privacy (adding calibrated noise during training so no single training example has a measurable effect on the model), federated learning (training across distributed datasets without centralising them), and operational controls like enterprise tiers that promise no training on customer data (OpenAI Enterprise, Anthropic Claude for Work, Azure OpenAI).
Copyright and Intellectual Property
The legal landscape is unsettled. Active questions include:
- Is training a model on copyrighted text fair use? (Lawsuits from the New York Times, authors, Getty Images, Reddit, and others are working through US courts.)
- Who owns the output of an LLM? (US Copyright Office: purely AI-generated work is not copyrightable; human-authored prompts plus selection/arrangement may be.)
- Can an AI image model that was trained on artists' work be used commercially without licensing?
For now, enterprises should: maintain a record of training data sources, prefer providers that offer indemnity for IP claims (Microsoft, Google, OpenAI all offer limited versions), and apply human review to AI-generated content used commercially.
Explainability
For high-stakes decisions (lending, hiring, medical diagnosis), regulators and customers increasingly demand explanations for model outputs. Tools include:
- SHAP (SHapley Additive exPlanations): Quantifies how much each feature contributed to a specific prediction.
- LIME (Local Interpretable Model-agnostic Explanations): Approximates the model locally with a simpler interpretable model.
- Attention visualisations: Show which parts of the input the model attended to (for transformers).
- Counterfactuals: "If this feature had been X instead of Y, the decision would have changed."
Governance Frameworks
| Framework | Origin | Status |
|---|---|---|
| NIST AI Risk Management Framework | US federal agency | Voluntary, widely adopted as best practice |
| EU AI Act | European Union | Law since 2024, phased enforcement through 2027; fines up to 7% of global revenue |
| ISO/IEC 42001 | International standard | Certifiable AI management system standard, published 2023 |
| OECD AI Principles | OECD | Non-binding, signed by 47+ countries |
The EU AI Act categorises systems by risk level: unacceptable (banned: social scoring, real-time biometric ID), high-risk (heavy compliance: hiring, credit, education, law enforcement), limited-risk (transparency requirements: chatbots must disclose), minimal-risk (no specific obligations). Even non-EU companies must comply if their systems are used in the EU.
Cloud Provider Responsible-AI Tooling
- AWS: SageMaker Clarify (bias detection, explainability), Bedrock Guardrails (content filtering, PII redaction)
- Azure: Responsible AI dashboard, Content Safety, Azure AI Foundry policy controls
- Google Cloud: Vertex Explainable AI, Model Cards, Responsible AI Toolkit
Every certification (AWS AI Practitioner, Azure AI-900, GCP Cloud Digital Leader) tests your knowledge of these tools and the principles behind them.