Now that you’re familiar with the risks of AI, you’re ready to set up a code of conduct that will keep you and your company safe when using the technology. With your code of conduct, you establish regulations for what people at your company can and cannot do with AI in order to minimize the risk of accidents.
While this might sound restrictive, in reality, it’s not. By setting robust guidelines, you actually empower your teams to experiment and innovate with AI — and to do so safely. Here’s how:
a.) Recruit Your AI Council
Drafting a code of conduct is a big project. That’s why you need a team, or an AI council, to act as your strategic voice on AI. The code of conduct should be a company-wide initiative, so it’s important that your council includes people from across your entire organization. Here are some of the roles we recommend you start with:
- Early Adopters: Find the people who signed up for ChatGPT on day one and the ones who experiment with every new tool. You can harness their enthusiasm to kickstart and sustain change.
- Technical Leadership: Recruiting engineers, data scientists, and other technical roles are a must for your council. You need people who can work out what you can (and can’t) practically achieve.
- Functional Representation: Eventually, AI will revolutionize everyone’s jobs — so get ahead of it by bringing together representation from across all functions. That way, you can test use cases and products with multiple teams and ensure that every purchase benefits the company as a whole.
- Legal Experts: With AI regulation ramping up across the world (see: the EU Artificial Intelligence Act), recruiting strong legal voices to your council is non-negotiable. Staying on the right side of regulation isn’t just about staying legally compliant, it’s about doing right by your users, too — and your legal experts will help you ensure that you do both.
Once you’ve recruited your AI council, you can begin to work on your code of conduct.
b.) Find Your North Star
Before you get into the weeds of how you will use AI, your council’s first job is to work out what you as a company want to achieve with AI. To do this, you should start with “why.” Why is your company driving AI transformation?
Your “why” will depend on your organization’s values and purpose. At Drift, for example, we’re committed to supporting an environment where generative AI is used to drive innovation, increase agility, streamline processes, and empower our workforce. While your “why” won’t be the same as ours, the important thing is that you decide on a mission that your entire council — and, by extension, your entire company — can get behind.
By setting an overarching mission, your company will have a North Star that you can then rally behind and make progress towards in your adoption of AI.
Your mission sets the destination. Your code of conduct defines how you’ll get there.
c.) Draft Your Code of Conduct
A code of conduct is a public declaration of your company’s position on and use of AI. It sets out what you will and won’t do with AI, guidelines for how employees can use or experiment with AI, and any requirements for security and privacy when leveraging the technology. Take a look at Drift’s Code of Conduct as an example.
No two codes of conduct look alike — nor should they, as they represent the unique interests, goals, and concerns of each organization. That said, as you start writing your code of conduct, we recommend you include these common components:
- Mission and Purpose: Put your mission front and center. This will serve as a reminder for your entire company (and customers, if your code is public) of what you’re trying to achieve.
- Security and Privacy: Lay out minimum standards and expectations for security when using AI. Be clear about how people should approach data usage, privacy, and user consent.
- Governance: Explain who at your company is accountable for your AI systems and their output. Here, you can detail your compliance processes and any procedures you have in place to file complaints.
- AI Usage: Specify how you will — or won’t — use AI systems in your business. This can be as broad or narrow as you like, whether that’s deciding that you won’t use a certain type of AI or listing out all possible AI use cases for your company.
- Ethics: Cover your ethical redlines. This includes, for example, discussing how you will mitigate bias, avoid discrimination, and ensure fairness with your use of AI.
If you need some extra inspiration, check out Jasper’s Ethics and Responsible AI or Capgemini’s Code of Ethics for AI.
d.) Get Your Teams to Put the Code of Conduct into Action
Once you have your code of conduct written down, encourage your teams to think about how it applies to their work. This process isn’t about re-writing your code from scratch. It’s simply about working out how the code applies to each team’s unique operating environment — their specific goals, processes, and technologies.
A good way to get the ball rolling is to use AI council members as educators and change agents. This is where it’s useful to have representatives from every team on your AI council. You can send them out to engage their teams, educate other employees on the code of conduct, and encourage them to experiment with AI. From there, AI council members can monitor how their teams are applying the code and step in quickly if they see experiments going astray.
With your AI council members leading the charge in each team’s AI adoption, you will be able to create the impetus for change, all while making sure there is sufficient oversight.
e.) Revisit Your Code of Conduct (Again and Again)
Once you’ve got your code of conduct in action, the final thing to remember is this: Don’t carve your code of conduct into stone. Fixed policies will limit your ability to react to economic, technological, or regulatory change. So, task your AI council to stay alert to possible threats and potential opportunities that can affect your code of conduct.
Finally, make sure to revisit your code of conduct regularly. This will give you the opportunity to evaluate your guardrails, tighten where you think they’re too loose, and loosen where you think you need more flexibility.
After recruiting a team of AI enthusiasts and setting a robust foundation for how you will adopt AI, it’s time to consider where exactly your organization will deploy AI.