Data, privacy, and security for use of models through the Model Catalog in AI Studio
This article provides details regarding how the data you provide is processed, used, and stored when you deploy models from the Model Catalog. Also see the Microsoft Products and Services Data Protection Addendum, which governs data processing by Azure services.
What data is processed for models deployed in Azure AI Studio?
When you deploy models in Azure AI Studio, the following types of data are processed to provide the service:
Prompts and generated content. A user submits a prompt, and the model generates content (output) via the operations supported by the model. Prompts might include content that added via retrieval-augmented-generation (RAG), metaprompts, or other functionality included in an application.
Uploaded data. For models that support fine-tuning, customers can upload their data to a datastore for use for fine-tuning.
Generate inferencing outputs with managed compute
Deploying models to managed computes deploys model weights to dedicated Virtual Machines and exposes a REST API for real-time inference. Learn more about deploying models from the Model Catalog to managed computes here. You manage the infrastructure for these managed computes, and Azure's data, privacy, and security commitments apply. Learn more about Azure compliance offerings applicable to Azure AI Studio here.
Although containers for models "Curated by Azure AI" are scanned for vulnerabilities that could exfiltrate data, not all models available through the Model Catalog are scanned. To reduce the risk of data exfiltration, you can protect your deployment using virtual networks. Learn more . You can also use Azure Policy to regulate the models that your users can deploy.
Generate inferencing outputs as a serverless API
When you deploy a model from the Model Catalog (base or fine-tuned) using serverless APIs with pay-as-you-go billing for inferencing, an API is provisioned giving you access to the model hosted and managed by the Azure Machine Learning Service. Learn more about serverless APIs in Model catalog and collections. The model processes your input prompts and generates outputs based on the functionality of the model, as described in the model details provided for the model. While the model is provided by the model provider, and your use of the model (and the model provider's accountability for the model and its outputs) is subject to the license terms provided with the model, Microsoft provides and manages the hosting infrastructure and API endpoint. The models hosted in Models-as-a-Service are subject to Azure's data, privacy, and security commitments. Learn more about Azure compliance offerings applicable to Azure AI Studio here.
Important
Some of the features described in this article might only be available in preview. This preview is provided without a service-level agreement, and we don't recommend it for production workloads. Certain features might not be supported or might have constrained capabilities. For more information, see Supplemental Terms of Use for Microsoft Azure Previews.
Microsoft acts as the data processor for prompts and outputs sent to and generated by a model deployed for pay-as-you-go inferencing (MaaS). Microsoft does not share these prompts and outputs with the model provider, and Microsoft does not use these prompts and outputs to train or improve Microsoft's, the model provider's, or any third party's models. Models are stateless and no prompts or outputs are stored in the model. If content filtering (preview) is enabled, prompts and outputs are screened for certain categories of harmful content by the Azure AI Content Safety service in real time; learn more about how Azure AI Content Safety processes data here. Prompts and outputs are processed within the geography specified during deployment but may be processed between regions within the geography for operational purposes (including performance and capacity management).
Note
As explained during the deployment process for Models-as-a-Service, Microsoft may share customer contact information and transaction details (including usage volume associated with the offering) with the model publisher so that they can contact customers regarding the model. Learn more about information available to model publishers in Analytics for the Microsoft commercial marketplace in Partner Center.
Fine-tune a model for pay-as-you-go deployment (Models-as-a-Service)
If a model available for serverless APIs supports fine-tuning, you can upload data to (or designate data already in) a datastore to fine-tune the model. You can then create a serverless API deployment for the fine-tuned model. The fine-tuned model can't be downloaded, but the fine-tuned model:
- Is available exclusively for your use;
- Can be double encrypted at rest (by default with Microsoft's AES-256 encryption and optionally with a customer managed key).
- Can be deleted by you at any time.
Training data uploaded for fine-tuning isn't used to train, retrain, or improve any Microsoft or third party model except as directed by you within the service.
Data processing for downloaded models
If you download a model from the Model Catalog, you choose where to deploy the model, and you're responsible for how data is processed when you use the model.
Learn more
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for