TABLE OF CONTENTS
- An Introduction to the Safe Use of AI
- PART I Analyzing Top AI Services
- PART II Evaluation of Artificial Intelligence Solutions within the University of Akureyri
- PART III Updated Guidelines and Policies for the University
- PART IV Appendices and Summary Tables
- Final words: A responsible framework for safe innovation
A New Landscape of Risk: An Introduction to the Safe Use of AI
Purpose and context
This document is an appendix and a detailed elaboration of the principles set out in the "Guiding Policy on the Responsible and Ethical Use of Artificial Intelligence at the University of Akureyri" (hereinafter referred to as the "Principal Policy").
The main policy allows the use of AI tools if strict conditions are met on privacy, secure data handling, copyright, and academic integrity.
The purpose of this document is to provide the in-depth, technical and legal analysis necessary to interpret and enforce these conditions in an ever-changing technological environment. The document is intended for the entire academic community, students, teachers, researchers and administrative staff, as a fundamental guide to the safe and responsible use of this revolutionary technology. The document will be updated as needed, but is intended to reflect and ensure that users are aware and informed about the requirements for the use of AI and how different services handle the user's data.
An ever-changing risk landscape
An analysis of the top AI solutions demonstrates the fundamental risks associated with the use of large language models (LLMs). That risk lies in the fact that users' data is sent for processing on service providers' servers, which is a fundamental difference from traditional, local software. The pace of development in this field is unprecedented, and new models regularly appear on the scene, in addition to which the University of Akureyri (UNAK) has made certain tools available to the entire academic community. These developments call for a deeper and more comprehensive analysis that shifts the debate from general principles to a specific assessment supported by evidence at individual service providers and service levels.
Two cornerstones of true data security
The analysis in this document reveals a crucial conclusion: true data security in the world of generative artificial intelligence is not determined by branding, model performance, or whether the service is paid for. It rests on two indispensable pillars:
- Legally binding contract terms: Enterprise solutions that ensure, in a clear and legally binding manner, that customer data is never used to train or improve the service provider's models.
- Jurisdiction and data sovereignty: In which country and under which legislation the service provider operates and where users' data is stored. For a European university subject to the EU General Data Protection Regulation (GDPR), this is essential.
These two factors will serve as a common thread throughout the analysis and form the basis for the risk categories and practical recommendations presented.
PART I
Analyzing Top AI Services
1. The Fundamental Difference: Service Level and Data as a Commercial Product
To understand the risks associated with the use of AI, it is necessary to understand the fundamental differences that exist between the business models of service providers. These differences are reflected in three distinct levels of service: free consumer editions, paid individual subscriptions, and enterprise solutions.
Free consumer versions:
In this model, the user is not the customer but rather part of the product. The data that a user enters – questions, snippets, ideas – is the currency with which the service is paid for. Service providers such as OpenAI (for free ChatGPT) and Google (for Gemini) reserve the right to use this data to train, refine, and develop their models. The default setting is almost without exception that data collection for training is enabled. The user must take the initiative, find the right settings and opt out of this use.
Paid Individual Subscriptions (Plus/Pro):
This level often creates serious misunderstandings and a false sense of security. When a user pays for a subscription like ChatGPT Plus or Gemini Advanced, they are buying performance and access to newer and more powerful models. They are not buying increased privacy. In the vast majority of cases, the same privacy terms apply to paid individual subscriptions as to free versions. The user still needs to opt out of data usage for training manually.
Enterprise Solutions (Enterprise/Business/API):
At this level, the business relationship changes dramatically. Here the customer is a company or organization that pays for a service in which data security is a fundamental prerequisite. The customer's data is no longer a currency but a valuable asset that must be protected. All major service providers offer legally binding contracts that ensure that a customer's data is never used to train their public models. This is not a setting the user has to opt out of; it is the core of the service.
This clear distinction is key to any risk assessment: in consumer versions, your data is assumed by default to be part of the development process; in enterprise solutions, your data is assumed by default to be entirely your property and is treated as confidential.
2. Authorized Western entities: OpenAI, Google, Anthropic, Meta, and Microsoft
Looking at the main service providers headquartered in North America and Europe (hereinafter referred to as "Western entities"), it becomes clear that they all operate according to the tripartite framework described above. Despite the competition in the performance and efficacy of models, there is consistency in their approach to data security at the enterprise level, which has created a certain gold standard in the market.
At the enterprise level, the picture is harmonized. All of these entities – OpenAI (with API, Teams, and Enterprise), Google (with Workspace and Google Cloud API), Anthropic (with API and For Work), Meta (with the Llama models through cloud services), and Microsoft (with Copilot for Microsoft 365 and Azure AI services) – offer enterprise solutions based on the following core assurances:
Contractual commitment to no training:
A clear and legally binding guarantee that a customer's data (both input and output) will not be used to train their generic models.
Data Isolation and Security Certifications:
The services are designed to isolate customer data and meet stringent global security standards, such as SOC 2 and ISO/IEC 27001.
Regulatory compliance:
The service providers commit to comply with the requirements of major data protection regulations, including the GDPR in Europe.
Powerful management tools:
Enterprise customers get access to dashboards that allow them to control employee access and monitor usage.
This coordinated approach at the company level creates a clear framework of reference and minimum requirements for all data processing for which the University of Akureyri is responsible.
3. Other Services and Jurisdictional Risks
With the advent of a number of new large-language models, especially from companies outside the traditional Western technology sector, a new dimension has been added to the risk assessment: jurisdictional risk. For an organization within the European Economic Area that is subject to the strict requirements of the GDPR, there is a legal obligation to ensure that personal data is only transferred to countries that provide comparable protection. The legal environment of the service provider's home country will therefore be a key factor in all risk assessments.
Many services, especially those operated outside of Western legal systems (e.g. in China), have terms of use that can be difficult for users within academia to accept. These terms may include:
- Broad permissions for data use: A clear right to use all input data to train and improve the models, often without the possibility of opting out.
- Data storage in insecure jurisdictions: An obligation to save data in countries where data protection laws are weaker than those required by the GDPR and where authorities may require access to data on short notice.
- Lack of enterprise solutions: There is no enterprise solution available that provides contractual assurance against the use of data for training.
Conclusion: Although curiosity about new technology is natural, the use of service providers where data storage cannot be guaranteed within the EU/EEA (or countries with an adequacy decision on data protection) and where the terms and conditions allow the use of data for training is incompatible with the security requirements of the University of Akureyri. Such tools fall into the riskiest category: their use is entirely the responsibility of the user and is prohibited in all university activities.
PART II
Evaluation of Artificial Intelligence Solutions within the University of Akureyri
4. Internal Chatbot (borg.unak.is): Security Ensured by OpenAI Teams API
The University of Akureyri has developed and implemented its own chatbots that are accessible to staff and students through the University's intranet, Borg (borg.unak.is).
Verification of technical foundation
The university's borg.unak.is chatbots are based on OpenAI's APIs, specifically the services covered by OpenAI's General Business and Corporate Terms and Conditions (formerly known as Teams). This means that all interactions with these chatbots are subject to OpenAI's strictest data protection terms.
Analysis of API protection measures
Using OpenAI's business API, the university ensures the following basic protections:
- No use for training: OpenAI guarantees by legally binding means that data sent through APIs is not used to train or improve their public models.
- Data ownership: The University of Akureyri retains full ownership of the data submitted to the system and the results obtained from it.
- Strict security requirements: All data transmission is encrypted and the service is certified according to international security standards such as SOC 2 Type 2 and ISO/IEC 27001.
- Data storage and deletion: For API services, OpenAI stores data for a maximum of 30 days for the sole purpose of monitoring abuse, after which it is deleted.
Bottom Line
The University's internal chatbots on borg.unak.is are formally classified as a secure enterprise solution. They meet all the basic requirements for data protection and security. However, caution should always be exercised, and data that is subject to special statutory restrictions (e.g. sensitive personal data) should not be placed in any cloud system unless absolutely necessary and only following a special risk assessment.
5. Specialized research tools: Scite.ai
The University of Akureyri provides all students and staff with access to Scite.ai, a powerful research tool that utilizes artificial intelligence to analyze scientific literature.
Dual functionality, unified security:
Scite.ai offers two main features:
- Citation Analysis (Smart Citations): This is the core functionality of Scite.ai. The system analyzes how published scientific articles cite other publications. Use of this feature involves searching and analyzing publicly available, published data. The risks associated with this use are therefore negligible.
- Scite Assistant: This is the generative AI component of the service where users can submit questions or upload their own text for analysis. Here, the user submits his/her own, possibly unpublished, and sensitive data for processing.
Technical implementation analysis and data security
Scite Assistant is not a self-contained language model. The service is an intermediary that connects securely to enterprise solutions (Enterprise API) from authorized service providers such as OpenAI and Anthropic. This technical implementation is key: all data that a user enters into Scite Assistant is subject to the strictest data protection terms of these backend services. The main point is that the data is not used to train OpenAI's or Anthropic's public models, in full compliance with their terms for APIs and enterprise solutions. The data protection is therefore comparable to that guaranteed in the University's internal chatbots.
Conclusion and recommendations for the use of Scite.ai
Based on this analysis, both parts of Scite.ai are considered safe for use within the academic community.
- Smart Citations: The use of this part of Scite.ai is safe and strongly encouraged.
- Scite Assistant: The use of this part is safe, including for working with sensitive research data. As the service uses secure enterprise connections, it is suitable for working with, analysing and compiling unpublished research, grant applications and other confidential data.
Since the University of Akureyri provides formal access to Scite.ai, the tool as a whole is classified as a secure and accepted solution for the academic community.
6. Leganto AI Syllabus Assistant: Data Security and Activity Analysis
Connection to the University and purpose: The Information Services and Library of the University of Akureyri is implementing a new tool, AI Syllabus Assistant, within the electronic reading list system Leganto. The system is adopted in collaboration with the University of Akureyri Centre for Teaching and Information Technology, the National Library System and Ex Libris, the vendor of Leganto. The goal is to coordinate and simplify students' access to all course materials in one place.
Activity analysis
The tool uses large language models to analyze syllabi and automatically create draft e-reading lists. Teachers upload a document (e.g. Word, PDF) and the AI identifies references to course materials, extracts information, and creates an organized reading list. The system then tries to link each source to the library's collections.
Data processing and verification of security
Data security is key. Ex Libris (which is part of Clarivate) has made a clear statement about the handling of data in this process. In the frequently asked questions (FAQs) about the tool, the following is stated:
"Are you using my data to train your AI?" "No. Your data is not used to directly or indirectly train LLMs. This feature utilizes pre-trained large language models (LLM) to process your content and create a list of resources. Your input is not stored by the large language model or used for any other purpose than to build the list."
This means that the University's data is not used to train AI models. Uploaded syllabi are sent for processing only to create the reading list and are not saved by the language models. This policy is fully compliant with the University's security requirements.
Risk factors and limitations
Despite secure data processing, there are certain risk factors that concern functionality:
- Limited accuracy: Ex Libris acknowledges that the tool is not 100% accurate. All lists require manual review.
- Icelandic content: The AI has primarily been tested in English. Performance with Icelandic syllabi is the single biggest risk factor and requires thorough testing.
- Unexplained errors: The vendor acknowledges that some syllabi fail to process for no known reason.
Conclusion and recommendations
The Leganto AI Syllabus Assistant is a secure tool from a data protection standpoint and falls under Category 1. However, its implementation requires caution. It is recommended to:
- Define a clear procedure under which all auto-generated lists are manually reviewed.
- Perform a thorough testing phase with Icelandic material before the tool goes into general use.
- Prepare educational material that explains the tool's advantages and limitations.
7. Other Services and Users' Responsibilities
The market for AI is full of new solutions and startups. It is important to understand that many of these solutions are not standalone large language models but are built on connections to foundation models from large Western providers such as OpenAI, Google, Meta (Facebook) or Anthropic.
Scite.ai and the Leganto AI Syllabus Assistant are examples of services that do this responsibly by using secure enterprise connections (APIs) that ensure data protection. However, there are many innovative companies in the market that do not meet these requirements. Such services may use insecure connections or have ambiguous terms that allow the use of data for training purposes.
It is therefore important that staff and students exercise caution and carefully examine the privacy terms and data security of each new tool before using it for data related to the University.
PART III
Updated Guidelines and Policies for the University
8. Risk Classification System for AI Tools
To enable users to make informed and confident decisions, a four-tier risk classification system is proposed. The system is based on (1) a contractual guarantee against the use of data for training purposes and (2) the jurisdiction of the service provider.
Risk Classification System for AI Tools:
| Risk category | Description | Example | Authorized data | Features/Requirements |
| --- | --- | --- | --- | --- |
| Category 1: Approved | Centrally managed service with an enterprise agreement that ensures data protection. | borg.unak.is, Copilot for M365, Scite.ai, Leganto AI | Any data not subject to specific statutory restrictions on processing, or to which no specific requirements or rules apply. | No special action required on the part of the user. |
| Category 2: Permitted | An enterprise solution purchased by a department or individual. Requires confirmation that the security terms are met. | ChatGPT Teams, Claude for Work | Professional and research data. | The user is responsible for verifying that the terms and conditions are in order. |
| Category 3: Limited | Consumer versions (both free and paid). Data is used for training by default and is not protected. | Free ChatGPT, Gemini, Perplexity, etc. | Only public, non-personally identifiable and completely non-sensitive data. | Use is the sole responsibility of the user. It is not recommended to use such services for intellectual property and research data unless the user has verified that the service guarantees that the data will not be used for training purposes. |
| Category 4: Unsupported / At Your Own Risk | Services that UNAK does not endorse due to significant jurisdictional or security risks. | DeepSeek, Qwen (consumer versions) and other services outside the EU/US. | Only public data, user-owned data, or other non-sensitive data. | All use is the sole responsibility of the user. The University does not support these tools and recommends against the use of a University email address (@unak.is) for registration. |
9. Practical tips for the university community
On the basis of the risk classification system, the following practical guidelines are presented.
For students:
- Use the university's tools: For all learning activities, it is best to use the tools provided by the university (Category 1), such as Copilot and Scite.ai. They're safe for you and your data.
- Protect your personal information: Remember that the use of Category 3 and 4 tools is your responsibility. Be careful never to put personally identifiable or sensitive information on such services.
- Protect your study work: Consider unfinished assignments and essays as confidential. Use of Category 3 or 4 tools for such data is your sole responsibility and is strongly discouraged.
For researchers and teachers:
- Protect intellectual property: All unpublished research papers, manuscripts, and grant applications are valuable intellectual property. The use of tools in Categories 3 and 4 to work with such data is the sole responsibility of the user and in violation of the University's policy on the protection of intellectual property.
- Choose the right category: Use Category 1 tools (e.g. borg.unak.is, Copilot, Scite.ai) for daily work. If more powerful tools are needed, ensure that you are using a Category 2 solution (e.g. ChatGPT Teams with an enterprise agreement).
- Mentor students: Teachers are responsible for educating their students about these principles and directing them to safe tools (Category 1).
For administrative staff:
- Only approved systems for sensitive data: All processing of student or staff personal data, financial information or other administrative data shall only take place in systems in Category 1.
- Responsibility for the handling of administrative data: The use of tools in Categories 3 and 4 to work with administrative data is the sole responsibility of the user. Such use constitutes a serious deviation from the University's privacy and security policy and may constitute a violation of it.
PART IV
Appendices and Summary Tables
10. Comparison Table – Data Security at a Glance
Table 1: An In-Depth Comparison of Data Security in AI Services
| Model/Service | Service level | Data used for training? (Default) | Data isolation (Enterprise level) | Data storage location (Jurisdiction) | Main certifications (Enterprise level) |
| --- | --- | --- | --- | --- | --- |
| ChatGPT (OpenAI) | Consumer (Free/Plus) | Yes (can be opted out) | No | International (mainly US) | N/A |
| | Enterprise (API/Teams/Ent.) | No (default) | Yes | US/EU (optional) | SOC 2, ISO 27001, GDPR, HIPAA |
| Gemini (Google) | Consumer (Free/Adv.) | Yes (can be opted out) | No | International (mainly US) | N/A |
| | Enterprise (Workspace/Cloud) | No (default) | Yes | International (manageable) | SOC 2/3, ISO 27001, GDPR, HIPAA |
| Copilot (Microsoft) | Consumer (Free/Pro) | No (requires approval) | No | International (mainly US) | N/A |
| | Enterprise (M365/Azure) | No (default) | Yes | International (manageable) | Comprehensive Microsoft 365 compliance |
| Scite.ai | All users (Assistant) | No (uses OpenAI/Anthropic secure API) | Yes (via backend) | United States | Refers to backend certifications |
| Leganto AI (Ex Libris/Clarivate) | Enterprise (University subscription) | No (according to terms and conditions) | Yes | International | Clarivate certifications |
| Services outside Western legal systems | Consumer (often a single version) | Usually Yes (cannot be opted out) | No | Often outside the EU/US | Few or none |
Final words: A responsible framework for safe innovation
The analysis in this appendix conclusively confirms that there is a deep gulf between consumer versions and enterprise solutions in the world of artificial intelligence. In consumer versions, the user's data is the currency. In enterprise solutions, the user's data is a valuable asset that must be protected.
To this basic principle is added jurisdictional risk. For the University of Akureyri, which operates under European data protection legislation, this factor is an exclusion criterion. Services that cannot guarantee the handling and storage of data in accordance with the requirements of the GDPR are not considered for the processing of sensitive data.
The purpose of this document is not to curb the use of AI, but to create a safe and predictable environment where academia can take full advantage of these powerful technologies – to advance research, improve teaching, and increase efficiency – without sacrificing the fundamental values of privacy, data security, and the protection of intellectual property.
By providing clear categorization and practical guidance, the university community is better equipped to make informed decisions. The responsibility for data protection ultimately rests with each and every user. This document provides the knowledge and tools necessary to assume that responsibility professionally and determinedly.