Guillaume Bonnissent’s Insurance Technology Diary

Episode 87: Training pay

I flew around Europe quite a lot during my years as an underwriter. As every business traveller knows, being among the workplace jet-set adds up not to champagne and haute couture, but simply to bad commuting.

I will always remember my first visit to Stansted Airport, a souped-up WWII airfield in the heart of the Essex countryside located just up the line from Liverpool Street station. The company travel team booked my flight, but they left it up to me to decide how I’d get to and from this international hub of very bright yellow, blue, and orange business travel.

It’s memorable because I made a bad assumption based on the claims of marketeers.

Since the allocated budget was too little for a taxi (by design, I presumed), I opted to train it. I was delighted to learn of an express to Stansted (cunningly branded the ‘Stansted Express’). High-speed rail would be one happy link within my cattle-class excursion.

It was not to be. I missed my first flight out of Stansted, and learned the hard way that the word ‘express’ (when linked to ‘Stansted’, at least) is simply marketing hyperbole. The so-called express trundled along most of the route slower than the M25 on a poor day. It made only one stop; sliding past the other 10 or so stations en route is the reason (I was later told) that the service is considered ‘express’ by the marketeers. Note: not because it’s as fast as the Heathrow Express (top speed: 110 mph).

Similarly, especially in the context of technology for insurance, ‘enterprise’ does not always mean what you think it should.

Earlier this week a prospect asked me if it was possible to share her firm’s confidential data securely with an LLM chatbot in a way that ensures it won’t be used by the vendor for AI training or anything else. She wasn’t the first to pose the question.

“We have an expensive AI enterprise account,” she said. “Is that enough? Enterprise versions ensure data privacy, right? Or do we need to subscribe via something like AWS Bedrock, which is even more expensive?”

(For those unfamiliar, AWS Bedrock is Amazon’s platform for building production-scale generative AI applications and agents.)

I sighed, and thought about my missed flight.

“Like so many questions that lie in the weeds of technology for insurance, the answer isn’t particularly straightforward,” I told the MGA ops manager. “First of all, the name means nothing. ‘Enterprise’ is no guarantee of anything except the minimum size of the monthly bill. Secondly, cost isn’t the axis of security.”

Typically, I explained, the cliff-edge for the use of data as training fodder is the end-user group at which the vendor aims a specific version of a tool. Those intended for commercial use very often don’t train on your data (or at least they claim that they don’t). Versions aimed at consumers almost always do, by default.

“As for Bedrock,” I said, “that’s a completely different architecture. It keeps processing inside your own cloud tenancy, where the model provider can’t access your data, rather than being a premium chat seat. So technically it is another secure layer worth considering.”

With this, I had begun to boggle my non-tech potential customer.

“So I should use Bedrock,” she said/asked.

“I didn’t say that,” I said, wishing it was more straightforward. “Data residency is usually the deciding factor for regulated firms. Both options can satisfy your ‘don’t train on my data’ requirement, but choosing which jurisdiction the data physically sits in is what tips an insurer or an MGA handling multi-country data toward the cloud route, for example Bedrock, where your data is sequestered.”

“So I should use Bedrock,” she repeated, understandably.

I realised I hadn’t clarified well. “It depends. You need to ask your LLM provider some questions. Does it train on my data? What’s the retention window? Can I get zero data retention? Is there a DPA/BAA, what region, and who can see it?”

She held up a hand. “A DP…?”

“DPA/BAA,” I said. “A Data Processing Agreement or a Business Associate Agreement. These are legal contracts that ensure third-party vendors properly protect sensitive data. But not all of them do exactly what you’d expect.”

You have to read the fine print, I explained, adding that it would be wise to speak to legal counsel about this complex issue, too.

“The marketing-tier name isn’t the contract, so calling it ‘Enterprise’ doesn’t mean it’s secure,” I repeated. “Nor does it make the system legally compliant. The DPA and privacy terms are what matters, and even vendors can sometimes blur which tiers train on your data.”

“So I have homework,” she said. “We don’t want anything to be shared with others.”

I nodded in agreement. “Yes,” I said. “But no matter what service you buy, your data will still be fodder for AI training unless you take another important step.”

She sighed. I explained ‘Shadow AI’.

“Shadow AI is the biggest source of data leakage into AI training,” I said, “and like most cyber leakage, it’s usually a human resources problem. Most of the exposure comes from staff pasting data into free consumer AI accounts.”

“Yeah, the people,” she said with another sigh. “The herd of grazing cats.”

Give them Bedrock or another similar solution, I advised, alongside some potent training, to create a sanctioned safe channel for them to utilise whatever tools they want. “Access control and output handling stay your responsibility either way,” I noted. “Your people really are the most likely way your data will leak, at least at the moment, especially without proper training for everyone who has access.”

In summary:

  • get to the bottom of the very complex question of third-party use of data with your specific provider
  • ask about the duration of data retention, and
  • determine the impacts of the specific jurisdiction where your data and agreements will reside.

Remember that higher prices don’t mean better answers, but almost without fail, cheap solutions fall down on all three.

“Of course,” I said in the end, “everything could change soon. AI is like a real express train: it travels very fast, and it doesn’t stop along the way.”

* Like every Insurance Technology Diary entry about AI, this one is accurate only to the best of my knowledge at the time of writing. The pace of AI progress is so great that I cannot guarantee it remains so now that it’s finished, let alone when you read it.

Guillaume Bonnissent is CEO of Quotech.