Which universities mention AI privacy or data-entry rules?

Adobe Acrobat AI Assistant is listed for University of Chicago in an official university AI tools source. Derived availability: conditionally allowed. Derived endorsement type: third party service.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Azure AI is listed for University of Chicago in an official university AI tools source. Derived availability: conditionally allowed. Derived endorsement type: institutionally licensed or procured.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ChatGPT 3.5 is listed for University of Chicago in an official university AI tools source. Derived availability: conditionally allowed. Derived endorsement type: third party service.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The use of applications to detect AI-generated content is strongly discouraged at UBC due to concerns about effectiveness, accuracy, bias, privacy, and intellectual property. Turnitin AI detection is not enabled.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UBC says instructors or teaching assistants cannot require students to use GenAI or any other technology tool that requires sharing personal information unless the tool has undergone a UBC Privacy Impact Assessment review and been approved for use with personal information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Do not enter personal information into any generative AI tool that has not been through UBC's FIPPA compliance assessment (PIA), as to do so may be a breach of privacy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ChatGPT Edu is listed for University of Oxford in an official university AI tools source. Derived availability: allowed. Derived endorsement type: institutionally licensed or procured.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Codex is listed for University of Oxford in an official university AI tools source. Derived availability: allowed. Derived endorsement type: institutionally licensed or procured.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Google Gemini is listed for University of Oxford in an official university AI tools source. Derived availability: allowed. Derived endorsement type: institutionally licensed or procured.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ANU approved six institutional AI principles via Academic Board in June 2023, covering excellence/integrity, research engagement, clear guidance, AI literacy, access/privacy/security, and collaborative policy development.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ANU academic staff are not permitted to upload student data or academic work to generative AI platforms.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ANU prohibits using AI to collect, use, store, or disclose personal information without express consent from the individual(s).

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UW general GenAI guidance says only UW-approved services and applications may be used with University data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UW-IT says users must sign into Copilot with a UW Microsoft 365 account to receive the commercial data protection benefit.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UW Medicine COMP.308 says use of any AI within its scope must comply with UW Medicine patient-information privacy policies and IT security standards.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

CUIMC restricts sensitive data (PHI, RHI, PII) use with AI to HIPAA-compliant platforms only (ChatGPT Education, approved Microsoft Copilot, CHAT with compliant models); research use requires IRB approval.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Columbia University has a university-wide Generative AI Policy from the Office of the Provost governing use by staff, faculty, students, and researchers, covering information security, data privacy, copyright, academic integrity, and bias.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Columbia University requires researchers to avoid uploading unpublished research data or confidential information into generative AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Emory Responsible AI guidance says public-facing AI platforms create disclosure risks for Sensitive Information and directs users to use Emory-approved secure AI tools when handling such information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Emory Responsible AI guidance says AI tools that have not gone through the EASAT review process may not be suitable for handling Confidential or Restricted data, and users should consult the EASAT website for approved tools and use scope.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Emory Responsible AI guidance says users should use only Emory-approved secure AI tools for content workflows.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

KTH teacher guidance says teachers should remove personal data from material given to generative AI tools and ask students to do the same.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

KTH legal guidance advises clearing prompts of personal data and says use of generative AI with personal data requires verifying GDPR-related grounds, storage, third-party, and training-data questions.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

KTH IT guidance says employees should verify responsibilities, regulations and agreements, and assess ethical consequences, before sharing information with AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UC Berkeley requires users to use UC-licensed AI tools rather than individual consumer accounts to benefit from UC's contractual data protections when working with information more sensitive than Protection Level P1.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UC Berkeley prohibits entering personal, confidential, proprietary, or otherwise sensitive information classified as Protection Level P2, P3, or P4 into generative AI tools, unless specifically allowed under UC's negotiated contracts with AI providers.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UC Berkeley prohibits entering FERPA-protected student records, non-public instructional materials, and proprietary or unpublished research into generative AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Staff must avoid inputting confidential, sensitive or personal information into GenAI tools unless warranted and only in accordance with guidance. Inputting data into a free or unlicensed GenAI tool could be considered equivalent to putting it into the public domain, signifying a potential personal data breach.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

The University's standard licensed GenAI tools are Microsoft 365 Copilot, Google Gemini, and Google NotebookLM. Use of other licensed GenAI tools is not prohibited but must be procured in accordance with applicable procurement policy, including completion of risk assessments such as DPIAs and/or ISRAs. The public, free versions of Copilot, Gemini and NotebookLM must not be used for University activities.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

Staff must consider the purpose for which data was collected before inputting it into GenAI tools. Data must be collected, held and used for only that purpose. It is not appropriate to use personal data collected for a different purpose with a GenAI tool. Automated decision-making involving GenAI requires human involvement in the decision-making process.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University-wide: Level 2 and above confidential data (including non-public research data, finance, HR, student records, medical information) should not be entered into publicly-available generative AI tools. Such data may only be entered into generative AI tools that have been assessed and approved by Harvard's Information Security and Data Privacy office.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University-wide: All vendor generative AI tools not currently offered by HUIT must be assessed for risk by Harvard's Information Security and Data Privacy office prior to use in Harvard work. Contact HUIT before procuring any generative AI tool.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University-wide: AI meeting assistants (AI note takers or bots) should not be used in Harvard meetings, with the exception of approved tools with contractual protections including enterprise agreements with appropriate security and privacy protections, or tools as part of limited HUIT-directed pilot programs.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Purdue requires prior approval before Sensitive or Restricted Data is entered into AI tools, including training or testing AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Purdue's AI Use policy treats AI tools and university data used with them as IT Resources and Information Assets subject to Purdue acceptable-use and security/privacy policy controls.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Purdue teaching guidance says instructors should commit to never sharing personally identifiable student information with third-party AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

SNU's AI Guidelines for research require cross-verification of AI outputs for errors/bias, protection of research data and confidential information, and documentation of AI use for research reproducibility.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

SNU's AI Guidelines require transparent disclosure of AI use, fact and source verification, copyright/privacy/information security compliance, bias correction, and awareness of accountability.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

SNU Library states that most e-resource subscription agreements only permit viewing, downloading, and printing; using resources for AI training/analysis or uploading to third-party AI services requires separate authorization.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The PGR guidance says researchers must ensure confidential, proprietary, or personally identifiable information is never uploaded to any GenAI platform.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

IT Services productivity principles say only University-approved AI tools should be used for official University business, and staff have access to Google Gemini as the institutionally supported GenAI tool.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

IT Services productivity principles say AI use must comply with GDPR and University data-protection policies, and sensitive or confidential information must not be entered into public or unregulated AI models.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UTokyo warns students to never input confidential information, personal information, or unpublished research results into AI tools, as the information might be leaked or used for AI training.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UTokyo requires instructors who allow AI use to explain associated risks to students: information leakage, data concentration in few companies, copyright concerns, and potential bias.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UTokyo instructs faculty not to input exam questions directly into generative AI tools, as exams are highly confidential documents.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Warwick's AI Information Compliance Policy covers everyone with a contractual or implied relationship with the University and all information processed by the University.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Warwick's AI Information Compliance Policy says certain data, including personal or confidential material, University intellectual property, and some copyrighted or third-party data, must not be put into AI software without prior approval.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Warwick's AI in research guidance says its principles apply to all researchers and researchers must consider AI-related research risks including integrity, information security, and accountability risks.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UC Davis guidance says users should not enter sensitive UC Davis data, including student, personnel, patient, confidential research, or financial account information, into AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The UC Davis School of Medicine policy says medical students are not permitted to use external generative AI tools for patient care documentation except as allowed under UC Davis Health policy, and PHI must not be entered into a generative AI tool outside a secure institutionally supported system.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UC Davis Health guidance says generative AI tools should not be used with patient information or other sensitive data unless the tool is specifically approved by UC Davis Health.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University of Manitoba discourages instructors from using AI-detection software on student work, citing unreliability and privacy, intellectual property, and ethical concerns.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University of Manitoba states that it has not formally approved specific Generative AI software; even GenAI tools within its M365 A3 license should be considered with the caution applied to third-party applications that ingest personal data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Manitoba copyright guidance says users should ensure content uploaded to Generative AI tools is legally permitted and does not contain confidential or sensitive information that should not be used by others.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UMD guidance tells researchers not to input federal, state, or UMD data into externally sourced GenAI tools and not to upload unpublished research data or other confidential information into tools that have not undergone proper review.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For administrative work, UMD guidance says administrative staff should not input non-public institutional data into externally sourced GenAI platforms and faculty or staff should not put moderate-risk Level 2 or higher data into public external GenAI platforms.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UMD's AI services page lists DIT AI services and states that listed DIT tools have gone through SRM review and are approved for university community members to use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Penn provides several licensed AI tools to its community, including Copilot Chat (Basic, free), Adobe Express (free), ChatGPT-EDU (purchase required), M365 Copilot Premium (purchase required), Gemini for Google Workspace (purchase required), Google NotebookLM (purchase required), Grammarly Pro (purchase required), Snowflake Data Analytics (purchase required), and Zoom AI Companion (free).

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Penn users should not input moderate or high-risk Penn data (per the Penn Data Risk Classification) or intellectual property into AI tools without careful consideration of data use policies, a protective contract, and review by Penn's Privacy Office and Office of Information Security.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Penn's Office of Audit, Compliance & Privacy mandates that users of publicly available (unlicensed) AI tools must not enter any information that could identify a student, including names, ID numbers, email addresses, or detailed descriptions of student work or engagement that could be identifiable to others.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UW-Madison states that sensitive, restricted, or otherwise protected data may not be entered into a generative AI tool or service unless the tool has undergone appropriate internal review.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UW-Madison identifies use of AI-generated code in institutional IT systems or services without human review for malicious elements as a prohibited use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UW-Madison Registrar guidance says UW-Madison-provided AI meeting summarization tools are generally approved for use with FERPA data, but unit leadership decides whether and how they may be used.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Aarhus University student guidance says students should never upload confidential or sensitive personal data covered by GDPR rules to a GAI application.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Aarhus University staff guidance says staff may not use GAI for trade secrets, confidential or sensitive data or copyrighted material; staff are responsible for the accuracy and quality of GAI-generated content they use or share; and GAI use should be credited where relevant.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

AU Library guidance for students says many library-provided materials such as e-books and articles may not be shared with AI tools, students should never upload confidential information to AI, and AI text mining of a larger text corpus is only permitted in an academic context if the library agreement with the publisher allows it.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ASU's AI tools page says tools not listed on that page are not approved for enterprise use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ASU Digital Trust guidelines instruct users not to share information that is internal, sensitive, or highly sensitive to university policies and rules.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ASU Research Compliance guidance says not to place any US export-controlled data into any generative AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Cairo University's 2025 responsible AI policy states objectives to raise awareness of AI applications, protect data confidentiality and security, and ensure responsible use that upholds academic values.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Cairo University's responsible AI policy identifies academic-staff risks that include plagiarism or failing to attribute AI tools, privacy-compromising data sharing, hallucinations and biases, and over-reliance on AI.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Cairo University's responsible AI policy tells students that AI can support time management, research brainstorming, learning activities, and skills development, while flagging privacy breaches, over-reliance, hallucinations, and biases as risks.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

CSU's AI Tools page says other AI tools such as ChatGPT, Gemini, or Anthropic Claude may be used for non-sensitive public information only.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

CSU-GPT is described by CSU as operating inside CSU's Microsoft Azure environment, keeping data, prompts, and uploads inside the university's Microsoft Azure tenant.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

CSU's AI Tools page lists CSU-GPT, Microsoft Copilot Chat with CSU NetID, and Microsoft Teams Premium as currently approved tools for handling sensitive CSU data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Iowa State guidance says confidential data classified as moderate or above may not be entered into any generative AI product unless assessed and approved under ISU data classification and applicable compliance processes.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Iowa State guidance says generative AI use must comply with applicable laws, institutional requirements, and listed university policies, and users are responsible for AI-generated content they publish.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Iowa State research guidance warns that users cannot assume GenAI tools comply with HIPAA, FERPA, and similar confidentiality rules, and says uploading information to a public AI tool is equivalent to releasing it publicly.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

McMaster's operational excellence generative AI guidelines tell employees not to upload confidential, personal, personal health, or proprietary information to a generative AI tool unless required security/privacy assessments have been completed, while noting an enterprise Microsoft Copilot exception when logged in with McMaster credentials.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

McMaster's Provost academic integrity page says McMaster has not activated Turnitin's AI Detector, while privacy/security and reliability assessment work is underway and activation may allow retroactive submissions.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

McMaster's privacy considerations page says that for tools including automated functions, including artificial intelligence, the university must conduct an Algorithmic Impact Assessment, with the Privacy Office responsible for the AIA process.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

MSU guidelines say third-party generative AI tools, especially those operated outside the United States, may be used only with non-sensitive public information unless MSU IT Information Security gives prior approval.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

MSU IT standards say only AI platforms formally evaluated and recommended by MSU IT Governance, Risk, and Compliance may be used with institutional data, and no AI tool should be assumed safe for confidential or regulated data unless explicitly approved.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

MSU IT says requests to purchase non-enterprise generative AI tools at MSU require completion and approval of an IT Readiness form.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Thesis examiners are not permitted to use Generative AI technologies (such as ChatGPT) during the thesis examination process to support, prepare, or write their examiners' report.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Students should not upload personal, sensitive, copyrighted, or licensed material to AI tools, as many AI tools cannot guarantee privacy, strong data security, or the protection of intellectual property.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Monash enterprise systems such as Copilot have enterprise data protections identified under the green shield in Monash Copilot. Students should use their Monash email address to access Microsoft Copilot which provides data protection for Monash.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

NC State guidance says NC State credentials must be used for approved AI tools and personal accounts are not allowed to be used with university data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

NC State guidance says several AI tools are available for use with university data at approved sensitivity levels, and use of university data with unapproved AI tools requires an IT Purchase Compliance request.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

NC State research AI guidance says researchers must handle data used with AI responsibly under applicable privacy laws, university policies, and NC State data management regulation, and AI use for research with specific compliance control plans needs approval before use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Northeastern Policy 125 says faculty or staff seeking to use an AI system in University Operations must submit the system and use case for AI Review Committee and Office of Information Security approval when the system processes confidential information, personal information, restricted research data, or may affect legal rights or physical safety.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Northeastern research standards say members of the Northeastern community conducting research are expected to follow the university AI Policy, complete AI Review Committee review when research uses an AI system to process confidential information, restricted research data, or personal information, and communicate permitted generative AI uses within project teams based on research activity and sponsor guidelines.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Northeastern teaching and learning standards state that using generative AI to grade open-ended student responses requires AI Review Committee review because it could affect student legal rights and may involve sensitive personal information and risk of illegal bias or discrimination.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Northwestern guidance states that faculty, staff, students, and affiliates should not enter institutional data into any generative AI tools that have not been validated by the University for appropriate use and have explicit permission of the data provider.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Northwestern classifies data into four levels. Only Level 1 (non-confidential, public) data may be uploaded to publicly available generative AI tools. Data above Level 1 requires tools approved through Northwestern IT procurement and security review.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Microsoft Copilot is Northwestern's primary approved generative AI tool. All students, faculty, and staff have access to free Copilot Chat, with full Copilot for Microsoft 365 available as a paid subscription.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Stevens AI data-classification guidance treats public data as permissible for AI use, non-public Stevens data as permissible only with licensed AI tools while logged in with a Stevens account, and restricted data as prohibited for AI use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Stevens IT guidance says that, effective May 1, 2025, Fireflies.ai and Otter.ai were disabled from joining Zoom meetings hosted by Stevens users, and strongly recommends not using third-party AI bots in Zoom meetings.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Stevens guidance says new AI uses in work should align with Stevens security, privacy, and relevant policies, and should seek prior approval from a supervisor or department chair.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Texas A&M guidance says everyone must follow data privacy and security guidelines when using generative AI to protect personal and institutional data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Texas A&M publishes official recommendations and guidance for responsible generative AI use at the university, scoped to benefits and risks including academic integrity, privacy, and ethical use considerations.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Texas A&M Technology Services describes TAMU AI Chat as a secure, university-approved platform open to all students and employees, with support for content classified as University-Confidential or lower.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

At the University of Edinburgh, staff presenting AI-generated content as their own original work, uploading personal data or confidential information to external AI tools, and relying on AI detection tools are listed as unacceptable uses.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University of Edinburgh states that ELM chat histories are private to the individual user and are not accessible to lecturers for checking student work.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University of Edinburgh says using an AI agent within Learn or any university learning or assessment platform requiring login is not permitted.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Microsoft Copilot is listed for UNSW Sydney in an official university AI tools source. Derived availability: conditionally allowed. Derived endorsement type: officially endorsed.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNSW only authorises the use of Turnitin's AI Writing Detection Tool for detecting improper AI use in student work; UNSW IT has not approved other detection tools due to privacy and accuracy concerns.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNSW advises students not to include any personal or sensitive information in AI prompts, including addresses, names, emails, zID, or intellectual property, and recommends using Microsoft Copilot with a UNSW account for data privacy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UWA's 2026 student AI guide says students should not enter personal data or information into public AI systems.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UWA has blocked DeepSeek services on UWA-managed devices and networks because of concerns about the safety and security of data shared with DeepSeek's online services.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UWA research-writing guidance says authors are responsible for ensuring inputs to AI tools are suitable for uploading and processing and that use complies with copyright, privacy, ethics, data-sensitivity policies, and legislation.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Tilburg University's Privacy & Security framework says users should not enter personal data, confidential information, or commercially sensitive information into GenAI tools, and should have tools assessed first if they want to process sensitive data with GenAI.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Tilburg University's Privacy & Security framework states that GenAI output may contain errors, fabrications, or biases and that generated information should always be verified before being used or shared.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Tilburg University's GenAI guidance says users should adhere to the university Privacy & Data Protection Policy and Information Security Policy and should not use GenAI for illegal or fraudulent purposes.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Trinity's teaching and learning guidance says private student or staff information must not be used in GenAI queries or instructions.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Trinity's College Statement treats AI and GenAI as relevant to teaching, learning, assessment and research while identifying risks including academic integrity, ethics and privacy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Trinity's research guidance says researchers remain responsible for scientific output, should cite GenAI usage in outputs, and should attend to privacy, confidentiality and intellectual-property issues when sharing sensitive information with AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Tufts Technology Services states that faculty and staff must not use unapproved AI tools for Tufts business, instruction, research, or administration without review and approval, especially when institutional data is involved.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Tufts Technology Services states that, unless an AI tool has been explicitly approved for the data type, users must not enter restricted or regulated data, confidential or proprietary institutional data, or contract-restricted or licensed content into AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Tufts' Spring 2026 generative AI usage guidelines state that AI use must comply with applicable laws, institutional policies, and contractual agreements, including privacy, confidentiality, security, accessibility, intellectual property, and academic integrity requirements.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The [genIA] ethics guide says practical AI use should clearly define what is allowed, ask for declaration and citation of tool use when appropriate, verify student understanding and original contribution, and avoid entering sensitive information into external services.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UdeC's [genIA] ethics page presents institutional guidelines and interactive tools for deciding how to incorporate generative AI in teaching and research while safeguarding transparency, authorship, privacy, and equity.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

[genIA] offers formative spaces for the UdeC university community, including basic and intermediate workshops on generative AI tools in teaching with objectives covering ethics, academic integrity, advanced tool use, and educational-material design.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

The University states that generative AI detection tools are not currently allowable and that student work should not be uploaded to generative AI detection software.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The research AI guidance says personal, confidential, or sensitive data must not be entered into AI tools without clear justification, data minimisation, and a Data Protection Impact Assessment where applicable.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The research AI guidance says researchers should use University-endorsed AI tools for licensing, data protection, and information security compliance, and should justify and record use of unapproved or externally hosted tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Idaho's OIT and AI Execution Group memo tells university employees not to put identifiable student, employee, or regulated data into public AI models like ChatGPT and to remain vigilant about FERPA, HIPAA, GLBA, and other compliance requirements when using AI.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Idaho OIT guidance says agentic AI tools should not receive credentials to university systems, should not be installed on systems with moderate- or high-risk data access, and should be tested in a sandboxed workflow.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Idaho OIT guidance says data uploaded to or downloaded from AI, including prompts, is subject to APM 30.11 data classification, and that listed AI services are approved only for the indicated data classifications.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Illinois Enterprise GenAI guidance tells users to handle data used with AI according to legal, institutional, and ethical standards, including privacy laws.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Illinois Enterprise GenAI guidance says personally identifiable information should be anonymized, removed, or obfuscated before processing with AI systems where possible.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Illinois Enterprise GenAI guidance for service providers includes security controls, audits, MFA, and data privacy compliance for AI systems and sensitive data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Liverpool lists unacceptable uses of generative AI in education, including unreviewed copying of AI-generated content into assessment materials or feedback, using AI for grades or final assessment decisions, uploading protected student or confidential information to public AI platforms without required review, and creating or modifying official policy documents without appropriate review and approval.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Liverpool's legal, security, and data-protection guidance says GenAI use must comply with UK GDPR and that personal information should not be uploaded or shared with AI tools unless necessary and appropriate safeguards are in place.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University of Liverpool has a central AI policies and guidance hub that collates generative AI guidance covering golden rules, legal/security/data protection, learning/teaching/assessment, and research.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

U-M requires using approved ITS AI Services for university data. Only data classified as Low may be used with AI services lacking a U-M contract or data agreement.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

U-M requires that AI-generated computer code is always reviewed by a human, with professionally trained peer code reviews for applications handling Restricted or High data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

U-M ITS AI Services include HIPAA safeguards and may be used with Protected Health Information (PHI).

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UTS states that use of AI systems must comply with its Privacy, Procurement, Information Security, and Acceptable Use of Information Technology Resources policies as appropriate.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UTS's AI Operations Procedure requires a six-stage identification, assessment, approval, implementation, and management process before developing, deploying, procuring, or activating AI systems or AI capabilities.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UTS research guidance tells researchers to check confidentiality, licence, and agreement restrictions before uploading data to GenAI tools, and to follow relevant IT, Acceptable Use, and Data Governance policies when a GenAI tool accesses UTS IT or network resources or is deployed on a UTS device.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UT Austin acceptable-use guidance says published university information may be used freely with AI tools, while controlled or confidential university information can be used only with university-managed AI tools covered by contracts that protect university data and disable web search functionality.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UT Austin acceptable-use guidance says unauthorized AI tools are not approved for controlled or confidential university information, including student records subject to FERPA, health information, proprietary information, and other controlled or confidential data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UT Austin acceptable-use guidance says the CISO must review AI tools before procurement, development, deployment, or use when the tools are intended to autonomously make, or be a controlling factor in making, consequential decisions.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

WashU IT guidance says users should not enter Washington University or secure data, including deidentified healthcare data, into publicly accessible non-protected AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

WashU IT AI purchasing guidance says an Office of Information Security Vendor Security Review is required when an AI tool has not yet been approved and the user intends to use or purchase it.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

WashU identifies specific secure AI tools as reviewed and approved for use with sensitive information, including HIPAA- or FERPA-covered data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Wayne State's generative AI guidelines state that AI tools must first be approved by C&IT and that third-party AI bots are not approved for use at this time, with exceptions following the technology purchasing process.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Wayne State C&IT publishes a list of generative AI tools that have been reviewed and approved for secure use at Wayne State, while noting that the list may change as tools evolve and undergo security review.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Wayne State's generative AI guidelines state that research documentation should not be uploaded to unapproved AI technology because doing so may violate the confidentiality or integrity of the research.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Yale guidance says confidential, legally restricted, moderate-risk, and high-risk Yale data should not be entered into AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Yale Poorvu Center guidance says classroom AI use must comply with FERPA and instructors cannot require students to create external accounts for tools Yale does not directly license.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Yale describes Copilot Chat as not using conversations to train AI models or sharing data with OpenAI, while limiting high-risk data to Work search.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Aalto AI Assistant guidance says public, internal, and confidential data may be used in Aalto AI Assistant, but secret content and special-category or otherwise sensitive personal data are not permitted.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Aalto University AI Services describes Aalto AI Assistant as an official productized AI service available to all Aaltonians, with GPT models that can be applied to public, internal, and confidential information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Aalto University research guidance says AI cannot be given authorship, AI use in the research process should be transparently described for reproducibility, and personal data should not be fed into an online AI tool.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

American University guidance says not to enter sensitive, Confidential, or Official Use data into an AI platform unless approved by a university official, and not to upload, input, or analyze university data in an AI tool that OIT has not approved.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

American University publishes responsible-use guidance for AI tools that applies general principles of transparency, accountability, human oversight, data protection, privacy, teaching, research, staff, and student use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

American University research guidance says researchers should be transparent about AI use, verify AI-generated content against trusted sources, protect data privacy, and not list AI systems as co-authors.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Brown OIT guidance says users should not enter Level 2 or 3 Brown data into publicly available or vendor-enabled AI tools unless Brown has a contract for a specific service that protects the data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Brown OIT guidance says AI tool use is subject to the same policies as other information technology resources, including acceptable use, copyright, conduct, and contract review policies.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Brown University Communications guidance for Brown communicators says not to input identifying personal information or proprietary information into AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

CMU Computing Services guidance says public AI tools should not be used with student data, confidential research, or sensitive administrative tasks.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

CMU Computing Services lists protected AI tools available at CMU and states that when users sign in with Andrew ID and password, each listed tool is FERPA-compliant and will not use data to train AI models.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

CMU Eberly Center guidance identifies a growing list of CMU-vetted generative AI tools that are FERPA compliant for teaching and learning when used as instructed.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Cornell's committee report states that any information educators are obligated to keep private under FERPA or HIPAA should not be shared with generative AI tools or uploaded to third-party AI vendors.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Cornell's IT guidelines prohibit entering any confidential, proprietary, federally or state regulated, or otherwise sensitive or restricted Cornell information into public generative AI tools, as such information becomes public and may be stored and used by anyone.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Cornell's AI course policy icons include a 'PP' (Privacy Protecting) icon indicating that generative AI use is permitted but no copyrighted or proprietary class materials should be uploaded unless otherwise specified.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Cyprus University of Technology's AI guide says the university encourages modern technological tools for education, research, and learning while also recognizing risks, misuse, privacy, and personal data concerns.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The CUT AI guide says students must submit their own work and disclose any use of AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The CUT Data Security guide advises users to avoid sharing confidential, sensitive, or personally identifiable information in AI prompts and to check AI tool privacy practices.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Dartmouth staff guidance says only approved generative AI tools are authorized for handling DISC 2 or higher data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Dartmouth staff guidance directs generative AI procurement questions or planned purchases through ITC Rapid Review and risk assessment by Information Security and Data Protection.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Thayer guidance says cloud AI tools should not be used to process or share unpublished research, confidential project details, or intellectual property.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Duke AI tool guidance describes ChatGPT as available to Duke University faculty, staff, and students, with sensitive-data use excluding PHI and governed by institutional agreement.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Duke research guidance says researchers should document and publish AI decision-making alongside research and should not cite chatbot-summarized information they have not authenticated.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Duke CTL assignment-design guidance advises that personal information should not be shared when using AI in assignments, to minimize privacy threats to students and instructors.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Essex staff guidance says generative AI tools may not be used as a sole decision maker, to process or analyse confidential or personal information, or through unapproved personal accounts.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Essex staff guidance for business operations says staff using generative AI in their work must comply with the University's Information Security Policy, IT Acceptable Use Policy, and relevant legal requirements.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Essex Zoom AI Companion guidance says hosts should inform attendees when AI Companion will be used, review and edit AI-generated meeting summaries before sharing, and check errors before sharing.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Freie Universität Berlin describes KI.Assist@FU as its central data-protection-compliant chatbot for study and teaching, available free to FU members through single sign-on; the chatbot page says entered data is not used to train the models.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The KI.Assist@FU terms prohibit use of the chatbot to process personal data and exclude use for correcting or evaluating student work or otherwise assessing students' abilities and knowledge.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For students using AI, FU's Eckpunkte prohibit uploading copyrighted or personal content into AI systems and state that KI.Assist@FU may be used only for university purposes.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Ghent University has a university-wide framework for responsible AI use that guides the Ghent University community with principles including accountability, honesty, respectful use, careful and sustainable use, privacy and confidentiality, and exemplary behaviour.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Ghent University teaching guidance says lecturers and students should protect personal, privacy-sensitive, or copyright-protected data and should never upload personal or confidential information without clear permission.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Ghent University research guidance says GDPR applies when developing AI based on personal data or processing personal data with AI in research, and that AI applications must ensure privacy and data protection throughout their lifecycle.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Imperial's dAIsy AI platform uses University SSO authentication with auditing. Prompts and metadata are logged for operational monitoring, and AI model providers are configured not to train on user data. Users' prompts and responses are not used to train external AI models. dAIsy is approved for use with unrestricted data within Imperial's secure infrastructure.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Breaches of Imperial's dAIsy Use Policy may lead to action under Academic Misconduct procedures for students and HR/disciplinary processes for staff, as well as under Information Security and Data Protection policies. Sanctions may include removal of access, grade penalties, or formal disciplinary measures.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Research at Imperial that involves people, personal data, or sensitive topics may require ethics approval, a Data Protection Impact Assessment (DPIA), and data-governance controls before using any AI tool. Researchers must verify whether their use of AI in research requires special approval, particularly when uploading private or confidential research data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Keio's generative AI usage guideline tells users not to input personal or sensitive information through prompts or file attachments into AI services outside Keio's corporate contracts.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Keio's guideline warns that Google AI Studio is outside Keio's official covered services and asks users to refrain from entering important information such as personal or confidential data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Keio's guideline classifies Gemini and NotebookLM under Keio's contract as corporately contracted AI services available through Keio.jp accounts in a trial standard-feature implementation as of July 2025.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

KU Leuven identifies Copilot logged in with a KU Leuven account as its recommended GenAI tool, citing contractual data protection, Enterprise technical security, and Microsoft not using entered data for further training.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

KU Leuven guidance says strictly confidential data should use only Copilot logged in with a KU Leuven account, and confidential or strictly confidential data require a security check if another AI tool is needed.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

KU Leuven safe-use guidance warns users to be careful with unsupported AI tools and not to enter personal data, confidential information, IP-sensitive data, or copyrighted material.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Lehigh tells faculty, staff, students, and affiliates that institutional, restricted, or critical data may not be submitted to online systems including generative AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Lehigh says community members who learn of a potential data protection or confidentiality breach through generative AI tools or otherwise are required to report it to the Office of Information Security.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Lehigh says AI services acceptable for Class II data may be used in human-subjects research upon IRB approval, while unapproved services should be reviewed with LTS for data-security requirements.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The LUH KI-Richtlinie prohibits processing personal data in AI systems without explicit KI-Rat approval and prohibits entering trade secrets or sensitive research data into AI systems.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

LUH says centrally provided AI systems should be used preferentially; mandatory use of decentralized AI systems in teaching requires KI-Rat approval and is allowed only if no personal data are processed.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

LUH provides LUHKI2 as a free, WebSSO-accessible, ChatGPT-based AI platform for university members without external registration, with stated anonymized GDPR-compliant processing and operational caveats about OpenAI chat-history retention and current file-upload storage.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Leiden University's Dutch staff guidance says staff should use only AI tools marked green in the university toolpicker, should not process personal data or confidential information with AI tools, and should verify AI output.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Leiden University states that ChatGPT is not supported because data security and privacy are not guaranteed.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Leiden University tells staff to check confidentiality labels before using AI with documents.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Lund University's Swedish policy says generative AI use is to comply with privacy and security laws and that procured tools or existing licensing agreements should be used in the first instance.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Lund University's staff AI page says users may not write or upload sensitive material or sensitive personal data to ChatGPT, and may never upload medical information regardless of confidentiality status.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Lund University's student guidance says students should primarily use Lund-licensed tools such as Microsoft Copilot Chat and Google Gemini, and must not upload other students' work, sensitive personal data, or copyright-protected material.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Macquarie's AI policy says University-provided AI tools and systems are subject to privacy, security, intellectual-property, intended-use, and risk-assessment controls.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Macquarie's research guidance says researchers using generative AI should mitigate sensitive-data risks, keep oversight and control, critically review outputs, and disclose or acknowledge generative AI use in research.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Macquarie Library referencing guidance says students who use generative AI in assessments should clearly state how they used it and fact-check AI responses against reliable sources.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Use of generative AI tools at MIT must comply with all applicable federal and state laws and orders (including FERPA, HIPAA, Massachusetts Data Protection Standards, export control laws, and the Executive Order on Safe, Secure, and Trustworthy Development and Use of AI), Institute policies (including 10.1 Academic and Research Misconduct, 11.0 Privacy and Disclosure of Personal Information, and 13.0 Information Policies), Information Protection guidelines, and the Institute's Written Information Security Program (WISP), plus any additional policies established by the user's department, lab, center, or institute (DLCI).

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

MIT departments, labs, centers, and institutes (DLCIs) already using a generative AI tool or service must ensure that the tool complies with all Institute policies and Information Protection guidelines, and must contact [email protected] for consultation or assessment if needed.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Open AI ChatGPT is listed for Massachusetts Institute of Technology (MIT) in an official university AI tools source. Derived availability: conditionally allowed. Derived endorsement type: institutionally licensed or procured.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Penn State's AI Studio user agreement permits Level 1 and Level 2 data in AI Studio and prohibits Level 3 and Level 4 data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Penn State guidance tells users not to use free personal AI accounts for Penn State-related teaching, learning, research, or work and never to input Level 3 or Level 4 information into any AI tool.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Penn State ORP guidance says identifiable or restricted human-subjects data should not be input into generative AI systems unless IRB and data agreements explicitly approve it.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Politecnico di Milano's regulation prohibits users from providing sensitive data to AI systems hosted outside the university, including credentials, personal identifying information, non-anonymized data, copyrighted data, university intellectual property, or data that could harm the university's reputation.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Politecnico di Milano's regulation says users must be informed and made aware that data supplied to commercial AI tools may be visible and recorded by third parties, creating potential security risks.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Politecnico di Milano's personal-data and ICT security regulation treats AI-system use in academic, research, and administrative activities as subject to ethical, responsible, legally compliant use aligned with the university's values.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Queen Mary staff guidance says open-access GenAI tools are not secure for institutional data, and directs staff to use institutional Microsoft Copilot for sensitive, confidential, or internal-use-only information while not sharing internal-use Queen Mary data with external AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Queen Mary IT FAQs say staff using built-in Copilot with a Queen Mary account get Microsoft 365 environment protections, and inputs are not stored or used for external model training.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Queen Mary IT FAQs say staff intending to use Queen Mary data with a free AI tool must submit the tool for approval through the Ideas portal before using it.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Queen's guidance directs users working with internal or confidential data to use only Queen's-approved AI tools such as LibreChat and Microsoft Copilot with Queen's single sign-on.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Queen's AI Applications page states that the university has conducted security and privacy assessments for generative AI software and uses those assessments to identify risks and inform use guidelines.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Queen's Library Generative AI privacy guide warns users not to assume that data input into an AI tool is private and confidential.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Queen's research AI guidance says AI use in projects involving human participants, personal data, or sensitive information must be outlined in ethics applications.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Queen's responsible-use guidance tells users to make an ethical judgment about the information submitted to AI tools and whether they have permission to submit it.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Queen's tools guidance says the AI tools listed on the page are for exploration and exclusively with publicly available data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Radboud University advises users not to input sensitive or critical business information or personal data when using AI, and says not to share personal data without consent.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Radboud University requests that staff and students who wish to use AI choose Copilot Chat.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Radboud University says free tools such as ChatGPT and Google Gemini are not recommended because they pose privacy and security risks.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Before RMIT initiates its AI Governance Framework for an AI initiative, existing governance assessments include Privacy Impact Assessment, Security Risk Assessment, and Third-Party Risk Assessment.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

RMIT's Val guidance says data shared with Val is kept private, secure and confidential, is not shared with OpenAI or other external organisations outside RMIT, and should not include personal, sensitive, or health information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

RMIT tells students to verify AI outputs and treat public AI tools as privacy, security, and reputation risks because inputs could be shared.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Rutgers OIT guidance says only Rutgers-approved AI tools should be used at the university to protect university data and ensure appropriate use; Rutgers-approved versions include security and privacy safeguards and do not use Rutgers data to train underlying models.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Rutgers OIT guidance says anyone considering purchase of an AI application for use at Rutgers must follow the same security processes and risk assessments as other software purchases, as well as Rutgers digital-accessibility standards.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Rutgers OIT guidance says confidential information, protected health information, and other proprietary Rutgers information may not be appropriate for use in AI applications and systems, and directs users to Rutgers data-classification and IT policies.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

RWTH's scenario catalog states that assessment of examination work using AI systems is not permissible at the present time, while limited help drafting feedback may be conceivable if it gives the AI no decision-making role, transfers no personal data, and is finally checked by humans.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

RWTH's scenario catalog says external AI systems may be used for university tasks only with attention to legal conditions, and that deployment or procurement of external services requires data-protection and other legal clarifications plus staff co-determination where employee services are involved.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

RWTH's general legal questions document says uploading photos, videos, audio recordings, or sensitive/personally identifying information about other people to an AI system is impermissible unless the data is already lawfully public or the affected person has consented.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Stanford School of Medicine MD and MSPA programs strictly prohibit entering confidential research data, patient data, or protected health information (PHI) into public AI platforms. Use of patient-identifying information or PHI in public AI tools is strictly forbidden. Students must use Stanford-approved AI platforms (e.g., Stanford Healthcare Secure GPT, Stanford AI Playground) when handling sensitive data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Stanford University IT (UIT) advises users to avoid inputting Moderate or High Risk Data into third-party AI platforms or tools not covered by a Stanford Business Associates Agreement, whether using a personal or Stanford account. Users should opt out of sharing chat data with third-party AI providers when possible.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Stanford University Communications (UComm) has issued AI guidelines for marketing and communications staff requiring: human oversight of all AI-generated content (non-delegable personal responsibility), adherence to university policies, prohibition on inputting confidential or legally privileged information into generative AI tools, prohibition on using AI to promote for-profit organizations or engage in political advocacy, and prohibition on using high-risk data in prompts. Stanford AI Playground is recommended as the primary platform. These guidelines apply to all regular staff, interns, casual employees, and consultants in marketing and communications functions.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

TIET's IT Policy & Guidelines state that authorized users may use only authorized IT resources, are accountable for assigned resources, should not enable unauthorized network access, and must not attempt to access restricted systems without authorization.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

TIET's IT Policy & Guidelines apply to all users of TIET IT resources and establish institute-wide responsibilities for protecting the confidentiality, integrity, and availability of information assets.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Thapar's B.E. CSE scheme includes an Ethics and Risk Mitigation in AI course covering responsible AI principles, data privacy and governance, AI governance frameworks, and AI policy case-resolution exercises.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

CUHK provides Microsoft Copilot Chat (Basic) free to all students and staff under the Microsoft 365 license, with enterprise data protection when signed in with CUHK account.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

CUHK's student AI guide establishes ethical principles of accountability, transparency, and acknowledgement for AI tool use. Users are accountable for AI-generated outputs and must fact-check all outputs.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

CUHK Library advises users to be aware of privacy policies of AI platforms, to opt out of data being used for model training where possible, and to avoid inputting confidential information into external AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

LSE research guidance tells researchers not to share personal, sensitive, or confidential data with third-party AI tools unless the tools meet LSE privacy and security standards, and it strongly encourages Microsoft Copilot for privacy and security.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

LSE legal and regulatory guidance tells users not to put personal data, confidential or commercially sensitive data, or certain copyrighted content into external AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

LSE Claude for Education guidance says use is optional, student and staff data will not be used to train Anthropic models, and personal, operational, or confidential data must not be shared through Claude.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For Marketing & Communications AI use, the New School guidance says consent must be obtained from all participants before AI technology is used to summarize and record meetings or other proceedings.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The New School M&C AI guidance says AI tools should never be used in a way that violates university standards or policies, and specifically points users to the Acceptable Use Policy and the Standard for Information and System Classification.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The New School M&C AI guidance identifies uploading check-in data or sensitive contact and personal information to AI-powered platforms for audience prediction as unapproved usage.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Ohio State teaching guidance says data entered in AI applications using a personal account will not be protected, and users must log in to an approved AI tool with Ohio State credentials before entering institutional data above S1.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Ohio State OTDI guidance says unvetted AI tools should not receive institutional data above S1, and users should enter only the data necessary when using approved AI tools with institutional data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Ohio State responsible-use guidance says public GenAI prompts should be considered public and used to train AI models, while prompts and results in Ohio State-provided Copilot Chat, Gemini, and Microsoft 365 Copilot are protected inside OSU's environment and not used to train public AI models.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University of Auckland's public TeachWell explainer for the AI Usage Standard says users should assess data against the University's data classification before submitting it to an AI tool, and says restricted data should not be used with AI chat services.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Auckland Law School tells students not to enter confidential, client, personal, proprietary, copyrighted, or legally protected information into AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Auckland Law School lists university-provided secure AI tools as Microsoft Copilot, Google Gemini, and NotebookLM when signed in with university accounts.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

TMU's Google AI Tools Help Centre says only public or low-sensitivity information should be entered into TMU's Google AI tools, and sensitive or confidential information should not be used in prompts, uploads, or activities.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

TMU's GenAI learning and teaching guidance tells users not to submit anyone's personal information into GenAI models without consent or an ability to opt out.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

TMU states that privacy and AI impact assessments and a security risk assessment were conducted before releasing the Gemini App and NotebookLM at TMU.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UPC states a commitment not to introduce personal, sensitive, confidential, or intellectual-property data into AI systems without express authorization, an established criterion, or adequate anonymization.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UPC IT guidance recommends not sending legally protected or confidential data to external AI applications; for non-institutional tools it says not to enter protected or confidential data and to consult ATIC.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UPC IT’s Microsoft Copilot Chat page tells users not to share confidential or personal information, to authenticate with a UPC account, and to use Copilot only when the green shield indicates data will not be used for AI training.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Universität Stuttgart tells students not to enter copyrighted material into AI systems that store or train on inputs, and not to enter confidential, internal, or personal data unless an explicit university rule allows it.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Universität Stuttgart's AI-tool whitelist permits RAI with GWDG models for C1, C2, and C3 information with documented C3 approval, and permits RAI with OpenAI models over Azure only for C1 and C2 information.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

Universität Stuttgart's AI-tool whitelist says unreviewed public AI systems such as ChatGPT Free or Grammarly Free may be used only for public C1 information and must not receive internal, personal, or confidential information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UdeM Directive 10.70 tells administrative staff that confidentiality level 3 and 4 information must never be entered into a generative AI tool.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UdeM's graduate-studies guidance says graduate students working with human-participant research data must not submit personal or identifying participant information, or information that could identify an individual or group, to generative AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UdeM's TI page for administrative staff says some generative AI tools are permitted if Directive 10.70 principles are respected, but identifies READ.AI and DeepSeek as proscribed tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University Library Basel guidance on licensed e-resources says third-party use includes uploading licensed content or data to external platforms, specifically ChatGPT and other AI platforms, where storage and future use are controlled by third parties.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

In its AI teaching scenarios, the University of Basel identifies compliance with data protection and copyright law, including assessing tools from those perspectives, as part of productive AI-tool integration in learning and teaching.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For regulating AI use in exams and assessments, the University of Basel lists task adaptation, preventing tool access, and declaration-of-independent-authorship restrictions as measures.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The Faculty of Organizational Sciences guidance lists prohibited generative AI uses including academic-integrity violations, generating or spreading false content, copyright violations, and entering business or official secrets or other sensitive content into prompts.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The Faculty of Organizational Sciences guidance states that generative AI use is permitted only with respect for academic integrity principles, copyright and intellectual property, personal-data protection, ethical principles, and confidentiality obligations.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The Faculty of Organizational Sciences journal AI policy requires authors to disclose generative AI use in both the cover letter and a manuscript statement, forbids authors from including personal, confidential, or proprietary material in prompts, and says GAI must not be used to generate peer-review reports.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Bern IT Services says organization units may procure AI services themselves, but for AI systems not listed on the Generative KIs page, personal data, official or professional-secret data, and especially sensitive personal or research data must not be entered; only information intended for the public or otherwise without legal protection requirements is allowed.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Bern IT Services says that if an organization unit needs to enter and process covered data in AI systems, it must prepare an ISDS concept in advance and have it reviewed by the University of Bern CISO, legal service, and the Canton of Bern data protection supervisory authority; this also applies before processing official/professional-secret data or especially sensitive personal or research data in listed systems.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University Library Bern GenAI step-by-step guide frames responsible GenAI use as a 14-question decision process that includes checking whether GenAI use is allowed for the task, whether confidential data are protected, whether use is documented for transparent disclosure, whether UniBE procurement and data-protection guidance has been read, and whether the user remains responsible for research output.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UCalgary IT guidance says a secure version of Microsoft Copilot Chat is available for users with a UCalgary IT account; users must sign in with UCalgary credentials, and personal or Level 3 or 4 business information must not be entered into other large language model tools unless reviewed and approved through the Software Acquisition Process.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Calgary teaching-and-learning guidance says student, faculty, and staff use of generative AI should adhere to existing academic integrity policies, and instructors using generative AI must follow privacy laws for student data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For graduate studies, the Faculty of Graduate Studies guidelines say graduate students remain fully accountable for work produced with GenAI and are expected to be aware of privacy, confidentiality, and intellectual-property risks.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UCSB's AI technical and security guidance calls for assessing AI third-party applications, consulting the Office of Information Security on AI use cases and implementations, and contacting the Chief Information Security Officer's office for P3/P4 data use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UCSB Information Technology guidance says ChatGPT should be treated as potentially unprotected for personal, confidential, or otherwise sensitive information and should not be used with sensitive or confidential information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UCSB guidance says instructors using AI to identify patterns in student work by uploading that work should obtain student permission and use only campus-approved AI platforms.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Cincinnati guidance says users should verify information is classified as Public before using AI or Generative AI tools and says AI use should not involve confidential, sensitive, or restricted information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Cincinnati guidance strongly recommends logging into UC-licensed AI tools with UC credentials to help protect individual and institutional privacy and security.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Cincinnati's AI policies page states that people with access to UC digital infrastructure, data, or services are required to comply with UC information security policies while using AI at the university.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNIGE's generative AI principles require respecting applicable laws and paying particular attention to data protection, intellectual property, official secrecy, and confidentiality.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Within UNIGE's Faculty of Science, sensitive data such as personal data must not be disclosed to a public AI tool that does not guarantee confidentiality.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNIGE's Digital University practical guide warns that content submitted to generative AI may be accessible to the tool owner or exposed in a data breach, so users need to understand what can and cannot be shared.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Glasgow IT guidance identifies Microsoft Copilot Chat as the only AI service approved for use with University data and says users must be logged in with UofG credentials for approved use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Glasgow IT guidance says confidential or sensitive information belonging to the university or a third party should not be put into AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Glasgow's PGR GenAI checklist advises PGR students to avoid uploading confidential or sensitive information, including research data and peer review content, to AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UGR guidance recommends avoiding sensitive information in public AI tools, using secure institutional tools, and prioritizing tools provided or contracted by UGR because they undergo privacy and security review.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UGR research guidance recommends declaring AI use with technical and methodological details, verifying and supervising AI outputs, assuming authorship responsibility, and protecting data privacy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

CEPRUD says it evaluates market AI tools for university uses and tells users to review privacy terms and conditions before using any listed tool.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Hohenheim guidance warns that third-party data may not be passed into AI systems without consent and says personal, confidential, or otherwise sensitive data generally must not be fed into AI systems.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

Hohenheim KIM describes GPTalk as a university-internal AI chat service for university members that provides browser-based access to modern language models, including OpenAI ChatGPT and open-source models, without requiring an external account.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The GPTalk guide tells students not to use GPTalk as their sole source, to enter no personal data, to remain responsible for the content as authors, and to make AI use transparent; it also says lecturers may not use GPTalk to correct or assess student work.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

KU data-use guidance says only public information should be entered into public third-party AI tools unless an enterprise-approved protected environment is used.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

KU data-use guidance says Microsoft Copilot is approved for public, sensitive, and confidential university data only when users sign in with the relevant KU account and Enterprise Data Protection is active; restricted data requires additional consultation or review for KU Lawrence users.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

KU researcher guidance says researchers should comply with sponsor, publisher, institutional, and disciplinary rules when using GenAI and should consider confidentiality, privacy, intellectual property, and disclosure requirements.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

UMB says Sensitive/Restricted Data, including PII and PHI, should not be uploaded into public AI systems, and confidential or sensitive UMB data should only be uploaded into approved secure UMB-sponsored AI systems.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UMB states that AI tools must be reviewed and approved before use on university devices, networks, or with university data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UMB's AI Toolkit organizes AI tools by data classification level and identifies Level 2 enterprise AI tools as approved for highly sensitive and confidential data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UMN OIT guidance says University users should safeguard data by uploading only allowed University data into appropriately licensed AI tools, and it distinguishes UMN-licensed tools from an individual ChatGPT license.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UMN OIT guidance says AI outputs should be closely reviewed and verified by a human, and AI-generated code for institutional IT systems and services should not be used unless reviewed by a qualified technologist.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University Marketing Communications guidance, scoped to marketing and communications work, says AI output should be reviewed, verified, and modified, and that AI use should comply with University data privacy and information security policies.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNR strongly advises users not to share sensitive, confidential, or regulated data with AI tools, because tool data-sharing practices may compromise confidentiality.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNR's OIT AI usage policy applies to students, employees, contractors, and third parties using AI platforms on behalf of the University, and frames responsible AI use around information security, data privacy, copyright, and academic integrity.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNR directs users to initiate an OIT Compliance vendor risk management assessment before integrating an AI tool into daily tasks.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The USNH Artificial Intelligence Standard, which applies to USNH component institutions, says users of AI tools must not share or enter non-public Tier 2 or higher data, including PII or non-public research data, and that any AI implementation is subject to USNH policies, standards, and security review.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNH Provost syllabus guidance says generative-AI detection tools should not be used to make definitive academic-integrity judgments, and says uploading documents containing student names, emails, or ID numbers violates FERPA; faculty using AI-enabled tools to evaluate student work must disclose that use and keep student data protections in mind.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

USNH's AI chatbot KB identifies DeepThought and Microsoft Copilot as USNH-provided AI options, recommends signing into Copilot with a USNH account for enterprise data protection, says public chatbots such as ChatGPT and Bard are not secure, and says alternative AI solutions must complete the Security Assessment Review process before purchase or implementation.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNC-Chapel Hill's administrative generative AI guidance says sensitive information should not be entered into generative AI tools unless the Information Security Office has completed a risk assessment and the Data Governance Oversight Group has approved the tool for sensitive information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNC-Chapel Hill's research guidance treats entering private or confidential information, research data, grant proposals, or analytical results into public generative AI tools as a public disclosure of that information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNC-Chapel Hill's faculty grading and assessment guidance says AI systems used for grading or feedback must be institutionally approved and compliant with data security and privacy standards; faculty using GenAI for grading retain full responsibility for evaluative decisions and feedback.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UiO's teacher guidance says that when teachers allow AI use, they should provide clear AI-use guidelines and communicate academic integrity, accuracy, and source-use requirements to students.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UiO describes GPT UiO as a UiO-developed service for using AI models within UiO privacy requirements, and says GPT UiO can generally be used in teaching, research, and administrative tasks with data up to yellow (limited).

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UiO recommends GPT UiO or Microsoft Copilot for students because, according to the student guidance, personal data and submitted data are not shared onward and conversations are not used to train future models.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Regina policy treats data used to develop, operate, share, manage, or record GenAI systems as institutional data that must align with the University's Freedom of Information and Protection of Privacy policy and data handling standards.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For GenAI projects or systems, University of Regina employees are directed to identify, assess, and analyze risks including privacy and security, and University-wide GenAI projects, tools, systems, or intended enterprise-data uses require approval through established IT project approval processes.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Regina CTL guidance for faculty and instructors recommends that instructors set clear GenAI rules and syllabus statements, require students to disclose AI use when incorporated into coursework, and protect student privacy and intellectual property in teaching uses of GenAI.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

USask administrative AI guidance strongly recommends not inputting personal information or confidential data into AI tools and says administrators should prioritize USask-approved AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

USask student AI guidance says students should use AI to support, not replace or misrepresent, their learning, follow instructor rules, and avoid inputting personal information or confidential data into AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

USask research AI guidance says researchers are accountable for output integrity and should consider tool security, protect confidential or sensitive information, and be transparent about AI use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

USC’s Generative AI General Policy says Internal Use Only, Confidential, and Restricted Confidential Data may not be entered into Individual AI Tools, and Restricted Confidential Data may not be entered into any AI Tool, including USC Enterprise AI Tools, unless the Office of Ethics and Compliance gives written approval.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

USC’s Generative AI General Policy says departments, schools, and units may not acquire Individual AI Tools without first consulting the Office of Cybersecurity, Office of Ethics and Compliance, and Office of the General Counsel.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

USC ITS says Codex is available to users who meet approval criteria, and that only Public and Internal Use data may be used in Codex at the time of the guidance; Confidential data must not be entered into ChatGPT or Codex.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UiT advises that personal information should not be entered in Microsoft Copilot or other tools that are not approved by UiT, and sensitive information should not be input into such tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UiT says DeepSeek is not permitted on UiT-owned equipment, and employees are also prohibited from using UiT services such as email, Teams, and OneDrive on personal devices where DeepSeek is installed.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UiT describes ChatUiT as its own version of ChatGPT and states that user data is neither shared nor used for training.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UT's AI dossier tells users not to include personal, student, research, confidential, or sensitive data in public AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UT's AI dossier says the university is developing an AI Compliance Framework and instructs staff and researchers to report AI applications via the AI Office for appropriate measures under the AI Act.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UT's AI and assessment guidance warns that AI detection software has limits and may raise privacy, confidentiality, and trustworthiness issues.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UVM's approved AI tools page says approved AI applications are approved by data risk level, and a tool approved for one risk level is not approved for higher-risk data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UVM's approved AI tools page lists general AI tools such as ChatGPT, Claude, and Gemini as public-information-only unless another use case goes through Contract Review.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UVM Graduate College AI guidance tells graduate researchers not to share confidential, proprietary, or IP-sensitive data or information with an open-source AI engine.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For UVic administrative or operational work, University Systems states that Microsoft Copilot is the GenAI tool approved for use with UVic Data, while publicly available tools such as ChatGPT, Claude, Gemini, and Perplexity are not approved for highly confidential, confidential, or internal UVic Data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UVic's Systems notice states that DeepSeek web and mobile applications do not meet UVic information security standards and that UVic will restrict DeepSeek applications on the UVic network, UVic-owned devices, and UVic-owned or personal devices used for university business.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UVic's OVPRI research guidelines endorse following the Tri-agency AI guidance for research grant proposal development and review, and tell researchers to be transparent about GenAI use while avoiding upload of personal information or private or confidential research data except in few exceptions.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UVA ITS terms say University Data classified as Highly Sensitive may not be included in GenAI Tools chat prompts.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UVA Provost guidance says that if an assignment involves students uploading original work into a GenAI tool, instructors must provide alternative ways to complete the assignment.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UVA ITS says appropriately licensed UVA GenAI tools keep prompt data in a UVA-specific tenant and do not share it with others or use it for AI model training.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Waterloo IST tells users to confirm whether an AI tool is listed and approved for the intended type of University data before using it with University data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Waterloo IST says review processes assess AI tools used with University data for security, privacy, and contractual risks.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For units or individuals deploying AI-enabled systems that process University data, Waterloo IST says projects must undergo an Information Risk Assessment and receive Information Steward approval before using University data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UOW's Assessment and Feedback Policy says staff are not permitted to upload student work to third-party tools, including GenAI or misconduct detection software, in the context of privacy and data policies.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UOW's student guidance recommends Microsoft Copilot when students use GenAI and says Copilot's Enterprise Data Protection means prompts and responses are encrypted and not retained by Microsoft to train its products.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Wollongong warns that uploading personal, sensitive, or confidential information to generative AI may compromise privacy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For University data, York's IT guidance says staff and students must only use GenAI tools that are provided and licensed by the University.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of York says students must sign into Gemini with University credentials to ensure data protection.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of York tells students not to upload personal, sensitive, or copyrighted material to generative AI.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For employees, Utrecht University says it is not permitted to create an AI-tool account using a UU email address or SolisID unless the AI system or tool is university supplied and considered safe.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Utrecht University tells students not to use a UU student email address for AI-tool verification or account creation and notes that teachers cannot force students to create an AI-tool account while UU lacks secure AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Utrecht University's researcher guidance says personal or sensitive data should not be used as GenAI input unless the user is certain data protection law is respected.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Victoria University says users who want to use alternative AI tools must assess them using the AI Risk Classification Model, follow AI Steering Committee guidance, and register AI tools in the planned AI Registry.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Victoria University's AI Governance and Responsible Use Policy restricts access to AI training data or AI outputs involving sensitive or identifiable data to authorised users with a legitimate business purpose.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

A Victoria University library guide identifies Microsoft Copilot Chat with enterprise data protection as an AI tool recommended by VU for students signed in with a VU account, while cautioning that confidential information should not be shared with AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

VU Amsterdam's framework says students cannot be required to use AI tools for which VU has no license, and students, lecturers, and support staff do not process personal data or other confidential data in AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

VU Amsterdam's framework says AI detectors are not permitted because they are unreliable and do not meet VU privacy requirements.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

VU Amsterdam's research guidance says GenAI use in research must meet scientific-research standards, take existing VU policies on ownership, scientific integrity, privacy, personal data, and knowledge security into account, and be transparent about which parts of research used GenAI.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

York UIT states that York University data must not be entered into public AI platforms such as ChatGPT, Gemini, Claude, or similar services.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

York's administrative AI chatbot and meeting-assistant guidelines state that only approved AI meeting assistants can be used for internal York virtual meetings, and meeting participants must be notified and consent before use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

York University's administrative and operational use guidelines state that staff GenAI use is subject to management approval and that use cases requiring oversight should be reviewed before use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The AAU alumni site privacy policy says the site may collect user contact details and device information, uses analytics and service-related contact information, and reserves alumni personally identifiable information for alumni and Alumni Affairs & Development use for personal and University-related purposes.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The AAU reform documents feedback portal privacy notice says visitor comments collect form data, IP address, and browser user agent for spam detection, and says users who left feedback can request export or erasure of personal data subject to administrative, legal, or security retention needs.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Adelaide University's Graduate Research School guidance tells graduate research students not to upload sensitive, copyrighted, or confidential information, or unprotected intellectual property, into AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Adelaide University's Cyber Security Policy states that AI systems are part of its digital environment and are subject to the same cyber security, data protection, and compliance requirements as other information systems.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ABU's Research Policy assigns responsibility for research data collection, management, storage, and retention in research projects; the source does not state AI-tool-specific privacy or security rules.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The crawl found official ABU pages discussing AI strategies and teaching/learning context, but did not find a public official ABU generative-AI use policy, approved/prohibited AI tools list, or AI-tool data/security policy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Alexandria University's AI governance strategy discussion included ensuring safe and responsible AI use through regulatory and ethical frameworks while adhering to data protection and privacy standards.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Alexandria University's Faculty of Education AI research framework identifies privacy, result falsification, plagiarism, and overreliance on AI technologies as ethical and legal risks in research use of AI.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

AUB's research GenAI guidance says confidential data must not be shared with AI systems unless appropriate data protection agreements support that sharing.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For research data management and security, AUB's guidance limits GenAI use to secure AUB servers or approved encrypted clouds and directs sensitive research data away from public GenAI APIs.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

AUTH's GenAI principles advise users not to enter institutional, copyrighted, confidential, personal, or sensitive data into GenAI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

AUTH Library's academic-writing AI tools page frames AI tools as assistants for search, analysis, and writing, while advising responsible use, source verification, academic-integrity respect, disclosure when required, and avoidance of confidential data uploads.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ACU's AI principles say AI must supplement rather than replace human decision-making, with humans retaining responsibility, and require privacy risks to be assessed and mitigated for AI-related activities.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ACU research guidance says HDR candidates should declare GenAI use for thesis copyediting/proofreading, discuss intended research use with supervisors, record and acknowledge tool usage and prompts, and should not input sensitive or confidential information into GenAI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

BITS Pilani's Data Privacy Policy says that when Personal Data is used as input for generative AI models, safeguards must prevent the Personal Data from being used to train the model unless prior written consent is obtained from the Data Principals, and the use must comply with applicable privacy laws.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

BITS Pilani's Data Privacy Policy says AI tools such as ChatGPT or CoPilot should not be used wherever personal, sensitive, or confidential data is involved without explicit approval from the relevant Institute information security team or the BITS Pilani IT team.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Boston University faculty and staff guidance says users should avoid inputting or sharing private or sensitive information through commercial GenAI tools because this could violate privacy laws or university policy, and says TerrierGPT is recommended for institutional use but is not approved for restricted use data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Boston University's TerrierGPT page says data entered into TerrierGPT is not used to train external models and that the platform is approved for confidential, but not restricted-use, data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Brandeis AI use guidance requires AI applications to comply with Brandeis data governance and cybersecurity policies, and says regulated, restricted, or confidential information in AI tools requires authorization and safeguards.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Brandeis provides GenAI tools with data protection to students, faculty, and staff, and distinguishes those tools from other tools that may not offer the same protection.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For thesis work, Chalmers tells students to consult a Chalmers supervisor or relevant collaborator before using AI tools when there are uncertainties, particularly around data privacy and ethical issues.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Chalmers Library's ethical-use guidance says users should not upload sensitive or private information, copyright-protected material, or text intended for a thesis, dissertation, or scientific publication to chatbots.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Chandigarh University's Research Policy says research techniques must not violate established professional ethics relating to health, safety, privacy, personal rights, or injury or pain to animals.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Chandigarh University's Student Code of Conduct instructs students to use digital platforms responsibly and ethically and to refrain from cyber bullying, hacking, or misuse of institutional systems.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

CDU prohibits employees and students from putting confidential or sensitive information or intellectual property into GenAI platforms.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

CDU staff may use generative AI tools for legitimate work purposes, but must not enter confidential, sensitive, or personally identifiable University information unless it is appropriately de-identified or redacted; tools with unclear hosting, ownership, or data handling must not be used with University information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Charles University advises users not to put sensitive data, personal data, or internal university data into commonly available chatbots; it limits protected/internal-data use to Microsoft Copilot under the university license or specific local-model cases.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Charles University leadership does not recommend deploying or using DeepSeek for work and academic purposes and recommends Microsoft Copilot for Education for broad university use because its security risks are contractually and technically treated.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For undergraduate graduation theses/designs, China Agricultural University's Undergraduate School notice says the university encourages reasonable AI use for efficiency and idea expansion but prohibits direct writing of core thesis content, falsifying research data or processes with AIGC tools, whole-paper ghostwriting, and uploading confidential theses.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For confidential, delayed-publication, or unpublished graduate thesis/practice成果 content, China Agricultural University's Graduate School warns students to protect content and prohibits uploading confidential content or misusing generative AI in ways that endanger data security, infringe intellectual property, or leak personal privacy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Concordia CTL guidance says Concordia has not approved or acquired online AI detectors and therefore staff or faculty use of them is not permitted because of privacy laws and regulations.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Concordia's educational technology guidelines say a Privacy Impact Assessment is required whenever third-party technology uses, shares, or stores personal information, and that a written agreement with Concordia is required after a successful PIA.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Deakin research guidance says commercial genAI platforms may store data externally and researchers should use only non-sensitive, non-confidential content suitable for public or external use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Deakin identifies a set of approved genAI and digital learning tools for learning, including Deakin GEM, Studiosity+, Microsoft Copilot for web, and FeedbackFruits.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

DCU Graduate Studies guidance tells research students not to submit research data, personal data, or sensitive information to free AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

DCU's AI position statement tells staff to act legally, ethically and transparently, disclose generative AI use for university-related work, and avoid sharing personal, confidential, institutional or strategic data with AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

EPFL advises students not to input confidential, private or personal information into generative AI tools. When using generative AI tools, students are sharing data with private companies and lose control over it.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

EPFL guidance says enterprise licenses such as Microsoft 365 Copilot via EPFL account are currently not a secure solution for processing regulated data because EPFL has not signed a data processing agreement guaranteeing aligned data protection measures.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

EUR's central GenAI guidelines say users should not share personal or confidential information with GenAI tools and may use publicly available or published university information if use also follows the Acceptable Use Policy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

EUR's PhD trajectory GenAI policy allows PhD research use of GenAI systems when its principles are followed, prefers licensed or EUR language-model systems, and advises consulting a privacy officer before using another program.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ETH Zurich recommends Microsoft Copilot, Google Gemini, and NotebookLM for teaching purposes, as they offer data-protected access via ETH accounts where personal data is not used for training models.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Students must refrain from disclosing copyrighted, private, or confidential information to commercial GenAI clients unless expressly permitted, and must respect privacy and copyright of content they work with.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Georgia Tech OIT guidance says faculty, staff, and students shall not submit PII, Protected Data, Regulated Data, or Georgia Tech Organizational Data into any AI tool.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Georgia Tech OIT says Institute technology services and tools must undergo comprehensive review, and third-party AI plugins are disabled pending comprehensive risk review.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Georgia State guidance says faculty, staff, and students may not submit directly identifying data or university Sensitive or Confidential data into AI tools that are not supported by Georgia State.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Georgia State guidance says tools used for processes involving Sensitive or Confidential university data should not be used without contract review of data processing, privacy, and security before use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

TU Graz guidance requires transparent labelling of AI-supported tool use where applicable and cautions against entering personal, confidential, trade-secret, or NDA-protected data into AI applications.

Evidence records: 3. Original evidence remains canonical on the linked university record and public JSON.

TU Graz states that Academic AI is available to all TU Graz employees and is intended to provide a secure AI environment respecting data protection and information security.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

Griffith eResearch guidance says Microsoft Copilot is approved for Unofficial, Official (Public), Official (Internal), and Sensitive data classifications when users log in with a Griffith account, while Protected data is not approved for Microsoft Copilot.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Griffith's student generative AI guidance warns that many open or public tools do not guarantee confidentiality and advises users not to enter personal information, information about others, or course materials such as assessment tasks or marking rubrics.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UHasselt's AI-tools page recommends using AI tools critically and says highly sensitive or personal information should not be entered even in paid versions; it recommends Gemini Pro for general AI use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UHasselt's research guidance for generative AI tells researchers to remain responsible, use GenAI transparently, pay attention to IPR and privacy, respect existing regulations, and avoid GenAI for sensitive activities such as peer review.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Where generative AI use is allowed, Hiroshima University's policy says students should be told that using AI output as-is may amount to copyright infringement or plagiarism, and that any use or quoted output should be made clear in reports and similar assignments.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Where generative AI use is allowed, Hiroshima University's policy says students should be warned that AI use can lead to leakage of personal or confidential information and that generated outputs may be incorrect.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For HU employees, the central AI guide says confidential data and non-public research data must not be entered into publicly accessible generative-AI tools, and personal data must be removed or anonymized unless using HU internal CMS AI offerings configured for data protection.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

HU Berlin advises that generative-AI tools should be checked for data-protection and IT-security risks before use, and that AI-tool procurement should consider a preliminary review, especially where personal data may be processed.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Indiana University guidance says public generative AI tools are not approved for IU institutional data, even when the data are anonymized.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Indiana University states that it does not currently have specific generative AI policies apart from policies related to data security and privacy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

INSA Lyon's generative AI charter says use of generative AI tools to process personal, strategic, or confidential data is conditioned on prior institutional validation, and that uncontracted online generative AI services are prohibited for processing personal data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For INSA Lyon research and innovation activities, the generative AI charter says confidential peer-review documents require vigilance around strategic information and that, when confidentiality applies, generative AI use is prohibited.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

IPB guidance says AI use must consider IPB security and confidentiality rules; AI use must not disclose or store personal information of students, lecturers, or education staff without permission, and must protect academic data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

IPB guidance identifies LMITD, DRI, and DTPTP as bodies authorized to regulate AI use supporting IPB academic activities; IPB academic community members must comply with established AI-use rules and consult the relevant body where required.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Istanbul University Press policy says reviewers and editors cannot upload submitted work, in whole or in part, to a generative AI application.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

An Istanbul University EBS syllabus for 'Sahne Sanatlarinda Yapay Zeka Uygulamalari II' includes generative AI, verification, bias, hallucination analysis, copyright, student data/privacy, institutional policy, and risk management as course content.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

JLU HRZ guidance says external AI services such as chatgpt.com outside JLU kiChat require review or approval for personal, non-public, or confidential data, and states that chatgpt.com must not be used for personal or non-public information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

JLU presents central AI offers for its members, including HRZ-provided JLU kiChat and API services described as secure and privacy-compliant AI solutions for research, teaching, and administration.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

K-State's employee guidance says users should not enter Protected Information into any AI system that has not been approved by Kansas State University.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

K-State's employee guidance identifies several AI services as approved when accessed through Single Sign-On and identifies DeepSeek as prohibited from use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Korea University tells instructors not to enter personal information, academic records, assessment questions, or other sensitive or non-public materials into AI tools, with special caution for external AI services.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Korea University tells learners not to enter personal information, non-public learning materials, or assessment questions into external AI tools, and to remember that AI inputs may be stored or reused.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Kyoto University states that highly confidential information that must not leave the university should not be entered into generative AI services.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Kyoto University warns students not to casually enter privacy-related information, confidential information, or copyrighted works into generative AI prompts or uploaded data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

La Trobe University policy says staff, students, contractors, honorary and adjunct staff must not disclose University information into publicly accessible or open-source AI systems.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

La Trobe University policy requires an AI Adoption Risk Assessment for procurement or acquisition of all new AI systems/tools and for new use cases of existing university-approved AI systems/tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For research, Maastricht University says researchers hold final accountability for ethical use of GenAI tools and must act in accordance with research integrity, personal-data, and UM policy rules.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For operations, Maastricht University says GenAI tools are never used to process personal or organisation-sensitive data unless transparency and applicable safeguards are in place.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

McGill explicitly rejects DeepSeek AI for McGill-managed or research-funded devices, rejects Read.AI and other AI meeting bots for McGill use, and says tools not mentioned in the available AI tools list are automatically considered rejected.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

McGill guidance says users should mitigate potential privacy concerns by removing personally identifying information when using AI tools, be careful with sensitive or restricted material, and avoid using Personal Health Information (PHI) or Payment Card Industry (PCI) data with AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Murdoch University Library says AI functionality in its databases and systems is tested by a Library Generative AI working group against criteria that include functionality, accessibility, technical requirements, privacy, data protection, rights, and ethics.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Murdoch University Library guidance says uploading copyrighted materials or Murdoch intellectual property to AI tools without an existing Murdoch University agreement is against its generative-AI guiding principles and copyright requirements.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

NTU Health Policy and Management conduct rules allow AI tools according to teaching and research needs, but require users to clearly explain the content and scope of use, respect privacy, disclose assistance sources, verify AI output, and take responsibility for results.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

NTU Social Work journal publication ethics says reviewers must not input manuscript content or review-related material into generative AI tools to help write review comments, in order to protect manuscript confidentiality and author rights.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

KPI supports rational experimentation with generative AI tools for academic activity when information security, data confidentiality, copyright, and academic integrity are considered.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

KPI's AI guidance tells users not to enter personal or confidential information into AI tools because AI stores those data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

NJIT says university-wide licensed AI tools go through a security and data vetting process within Information Services and Technology, and departments or instructors seeking an AI tool are recommended to contact IST for vetting assistance.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

NJIT guidance says confidential information should not be shared with AI if the AI is being trained on submitted content, including in student use contexts.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Oregon State University guidance says instructors may not input student work into GenAI tools or applications that are not approved by OSU.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Oregon State University says AI tools under review may only be used with unrestricted, publicly available data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

When instructors allow generative AI use, UC guidance tells them to promote personal-data protection by avoiding feeding AI tools names, grades, or other private or sensitive information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UC's Docencia con IA guidance frames AI-supported teaching around deep learning, human dignity, inclusion, academic integrity, ethical responsibility, and data security/privacy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

PNU students must not enter personal data or confidential data from restricted records into generative AI tools and must protect that data when using generative AI.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

PNU researchers must not use generative AI to misrepresent research, fabricate data, plagiarize, present AI-generated content as human-created content, or use generative AI in sensitive activities such as peer reviews or evaluations.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Princeton University requires that only University-licensed generative AI tools should be used with University Information classified as Internal or Confidential, and the use of publicly available generative AI tools in conjunction with such Princeton Information is not permitted by the University.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Princeton University's OIT guidance states that non-public Princeton data should not be used in public generative AI tools, and that University Information classified as Restricted must not be used with any AI tool.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Qatar University instructs users to avoid entering personal, confidential, and sensitive data into AI tools or platforms.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For Qatar University AI Research and Innovation Hub resources, the terms state that requested resources are for specified research projects, required IRB or ethics approvals must be obtained before use, and project data must follow Qatar University data protection, privacy, research governance, IT security, acceptable-use, and data-handling policies.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Ritsumeikan University's student-facing generative-AI guidance cautions against casually entering personal information, highly confidential information, unpublished papers, drafts, or research data into generative AI.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Ritsumeikan University's IT support page identifies generative-AI information leakage and intellectual-property risks as dangers to consider when using generative-AI services.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

RUB's GPT@RUB usage directions say third-party personal data and sensitive third-party personal data may not be used as GPT@RUB input, and GPT@RUB or other AI systems may not be used for automated decision-making in examinations.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The GPT@RUB privacy notice says RUB IDs are stored on the server and not transmitted to OpenAI, chat entries are forwarded to OpenAI without identifiers and IP addresses visible to OpenAI, and personal data from third parties should not be used in chat.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

USJ's CINIA guidance warns that free AI tools may carry privacy-related risks and should be used with awareness of secure and responsible-use considerations.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

USJ's CINIA training catalog includes student training on proper use of AI tools, with ethical questions such as data confidentiality, AI-error responsibility, and possible discrimination from biased training data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Shanghai University's technology ethics notice states that university units and individuals conducting AI, big-data, and related teaching or research activities involving people, animals, or other technology-ethics matters should apply in advance for ethics review related to technology safety, including bioinformation security and data security, and may proceed only after approval.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Shanghai University's academic committee meeting report says the draft temporary generative AI use guide was intended to guide responsible use of generative AI tools in teaching and research, uphold academic integrity, protect data security, and support AI-enabled education reform.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

SUSTech's CS114 Introduction to Generative Artificial Intelligence course specification is course-level curriculum material that says the course covers generative AI history, principles, deployment, interdisciplinary applications, and ethical, security, and privacy discussions; it is not an institutional AI-use policy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

SUSTech's CS114 course calendar includes lessons on GAI privacy and security, GAI ethics, AI hallucination in large models, GAI-assisted programming, and AI agent engineering; this is course-level curriculum evidence rather than an institutional AI-use policy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

A Sunway University Explore teaching article says academics should prioritise ethical considerations when integrating AI, including safeguarding student data privacy, mitigating algorithmic bias, and ensuring transparency and accountability.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

A Sunway Online article advises postgraduate students to critically evaluate AI-generated information and to take care to attribute AI-generated work, understand content risks, and consider privacy and intellectual-property laws.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Swansea University's AI assessment policy says staff and students should not enter identifiable information into any AI application, and are not permitted to upload student assessment or identifiable data without explicit written consent.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Swansea University's student AI framework asks students to apply University policies on data protection, privacy, and academic integrity when selecting and using approved academic work, and to follow assessment instructions around permitted AI use and disclosure.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Swinburne's AI usage procedures require AI use to align with its Data Classification and Privacy Frameworks, including restrictions on entering sensitive or restricted data into AI systems without enterprise data protection.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Swinburne has official AI usage procedures that apply to staff, students, researchers, contractors and affiliates using AI tools in Swinburne-related operations and commercial or academic activities.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

TalTech permits AI technologies in teaching and learning only when they comply with personal data processing, data privacy, and cybersecurity regulations and their use does not violate regulations.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

TalTech's ChatGPT Edu usage rules say users should use ChatGPT primarily for ideas, drafts, and helper text, must not delegate critical decisions to the model, and must not upload sensitive personal, confidential, security-critical, or unauthorized copyrighted content.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

DTU says content subject to GDPR or otherwise critical for DTU or individuals should use Copilot for the web.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

DTU's tool guidance says an AI tool should go through DTU's official channels before use when a responsible person would impose it on others at DTU.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Technion CIS says that when users handle personal or confidential information, only organizational AI tools must be used, and personal or confidential information should not be entered into external tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Technion CIS compares its ChatGPT Education store license with Plus by saying the Education license provides high-level data privacy, encryption, data-retention controls, and a commitment not to use user data for system training unless explicitly authorized by the researcher.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The URZ ChatAI page states that, compared with commercial providers, no data is stored at GWDG or elsewhere or used for training, and open-source models are hosted directly by GWDG.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

A TU Freiberg news item says DeepSeek R1 is available to university members through a GWDG agreement for privacy-compliant testing via AcademicCloud services.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

TU Berlin's living AI guidelines say personal data may be entered into generative AI tools only when the operator neither makes the data accessible to third parties nor uses it as training data; confidential information, sensitive research data, and internal documents are not permitted inputs.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

TU Berlin's data-protection blog recommends limiting personal data in ChatGPT, not sharing confidential information, avoiding personal data especially about third parties, and disabling chat history because otherwise communication is stored long term and may feed training data depending on settings.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

TU Dublin's GenAI teaching and learning guidance says personal data should not be entered into GenAI systems that are not supported or approved by the University, and that students should not collect, store, or upload personal data to a GenAI system without permission or consent.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For sensitive, confidential, intellectual-property, or peer-review research contexts, TU Dublin guidance says only GenAI systems that do not retain data by default or allow retention to be disabled, or systems on closed or bespoke University hardware platforms, should be used.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Copilot Chat is available to everyone with a University of Manchester account. The university has a contractual agreement with Microsoft ensuring prompts and uploaded files are private, protected by the same security and encryption as emails and OneDrive. The AI system does not learn from user prompts or data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University recommends Microsoft Copilot for AI-related work. It is GDPR-compliant and protects University and personal data. Staff should always carefully consider whether adding personal information into an AI tool is necessary.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University of Melbourne advises researchers that they should not share confidential information or information about an innovation in a generative AI prompt, as that may mean the IP is no longer owned by the researcher or by the University.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Melbourne students must not upload personal information (full name, date of birth, address, or other confidential/sensitive/private information) to GenAI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University of Sydney has adopted a 'two-lane approach' to assessment: Lane 1 comprises secure, in-person supervised assessments to assure learning, and Lane 2 comprises open assessments that support and scaffold the use of all available and relevant tools including generative AI.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University of Sydney's generative AI guardrails state that confidential, personal, proprietary, or otherwise sensitive information should not be entered into AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Tsinghua University prohibits teachers and students from using sensitive information, classified data, or unauthorized data to train or operate AI models.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Tsinghua University's Guiding Principles establish five core principles for AI in education: principal responsibility (AI as auxiliary tool, teachers and students as primary agents), compliance and integrity, data security, prudence and critical thinking, and fairness and inclusiveness.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Tulane guidance says Level 2 Internal, Level 3 Confidential, and Level 4 Restricted data should not be entered into publicly available generative AI tools, and the IT guide separately warns against entering Medium or High Risk Tulane information into public tools not covered by university licensing.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

Tulane says procured generative AI tools or systems using generative AI require a security and risk review by the Information Security Office, and the IT guide says high-risk activities such as hiring, student assessments, or legal matters should not use generative AI without first consulting Tulane IT and Information Security.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

Resolution 13/2025 says UNESP AI use should respect Brazil's LGPD, protect personal and sensitive data, and employ security practices to avoid undesired results and damage risks.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Resolution 13/2025 says UNESP should implement at least area-specific AI conduct guides, AI/ethics/privacy training for teachers, staff, and students, and an Ombuds channel for reports of violations.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UAEU states that students must complete a training session as part of orientation to comply with the GenAI policy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UAEU requires students to handle personal or sensitive data used with GenAI responsibly and to take precautions to secure GenAI tools and related data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNAM's 2025 education recommendations advise faculty using generative AI in teaching to avoid entering personal or sensitive information into AI platforms and to orient students and colleagues about data privacy.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNAM's 2025 recommendations advise designing strategies for undeclared generative-AI use and caution against indiscriminate use of AI detectors because their effectiveness is questioned and they raise privacy concerns.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Universidad Nacional de Colombia, Sede Bogotá guidance recommends AI literacy, ethical and responsible use, reflective integration, clear disclosure of AI use, redesign of tasks and assessments, human supervision, critical reflection, transparency about consequences of misuse, and attention to data security and privacy for teaching activities.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Universidad Nacional de Colombia, Sede Bogotá AI-use guidance flags data security and privacy for teaching activities and management of sensitive data and privacy for research activities.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UBO's generative AI charter says generative AI must not be used to process sensitive data, and non-sovereign generative AI must not be used to process confidential data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UBO's generative AI charter says only institution-validated generative AI tools identified as sovereign may be freely used, while respecting the charter principles.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UDE tells users of Chat AI that prompts must not contain sensitive or personal data and that uploading copyrighted content is not permitted.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UDE advises ChatGPT and related integration users to consider that interactions with ChatGPT may be logged and used in the referenced court process; it also notes OpenAI models are available in UDE Chat AI and logs are stored by Microsoft for 30 days.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The UHH orientation framework says personal data must not be used in generative AI, including UHHGPT, while German supervisory authorities are still examining the lawfulness of personal-data processing in the underlying ChatGPT model.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The public UHHGPT page says UHHGPT uses an institutional access to OpenAI's ChatGPT API; prompts are sent to the ChatGPT API, login or other usage data are not transferred to ChatGPT or OpenAI, and prompts are not stored.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Universität Innsbruck offers employees with an active employment relationship access to Academic AI in a protected environment, recommends the in-house Academic AI model, and says staff use of Microsoft Copilot is expressly prohibited for data-protection reasons.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Universität Innsbruck's FAQ advises prompts should be formulated without personal data where possible, confidential data entered into AI generators may no longer be treated as confidential, and freely accessible AI tools should not receive personal or copyright-protected data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The guidance states that if active use of an AI tool in a course requires registration with personal data, that use must be voluntary because GDPR must be observed.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

KIM identifies Chat AI via Academic Cloud as an AI chat service available to university members in Germany through federated login and presents internally hosted models as suitable for sensitive data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

In the service context, Universität Mannheim's directive allows members and affiliates to develop, procure, use, operate, place on the market, or put high-risk AI systems into operation only after the Rectorate has been informed and has expressly consented.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For service-context use, Universität Mannheim requires AI systems to be entered in the central AI register before development, procurement, operation, or market launch; confidential or personal data may be processed only in systems explicitly released for that purpose in the AI register, and systems marked not approved may not be used.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The position paper says students and teaching staff cannot be obliged or asked to use ChatGPT unless technical and organizational measures prevent OpenAI from processing their personal data, and prompts must not contain personal or confidential university information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The ZfQ AI-in-teaching page says GPT.UP is available to University of Potsdam members and that its use ensures AI providers do not process students' personal data and student data is processed only for university-defined teaching purposes.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Universite de Lille's SIAG charter advises users not to transmit sensitive documents or personal data to externally hosted generative AI systems and to check confidentiality policies and GDPR compliance.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Universite de Lille's SIAG charter says teachers should specify SIAG-use instructions in their courses, inform students how SIAG use is or is not integrated into learning situations and assessments, and cannot require students to use SIAG tools that need personal data or payment.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ULB's 2025-2026 general study regulations tell students not to disclose to AI personal or confidential data other than their own, and not to implicitly grant AI use rights over copyrighted or confidential productions.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

ULB's 2025-2026 general study regulations state that student use of personal data contrary to the AI-related confidentiality rules is subject to disciplinary sanction.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The official Université Paris Cité GEN-IAS course catalogue states that the DIU covers generative AI in health, including organizational, regulatory, economic and ethical aspects, and targets competencies such as preventing risks, respecting the legal and regulatory environment, ethics, and human guarantee.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

An official Université Paris Cité innovation-pedagogy announcement describes the IA-QUEST project as studying an LLM-assisted assessment workflow for medical ECOS, with local open-source LLM deployment framed as enabling RGPD-compliant use for sensitive ECOS data.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

Universiti Malaya guidance warns students not to upload confidential academic materials, research data, or university documents to public AI platforms without permission.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Universiti Malaya's AI policy includes increasing awareness of ethical risks, copyright issues, data security including data privacy, and algorithmic bias in AI use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UBIT guidance says individuals should not enter Category 1 or Category 2 data, including non-public research data, into Gen AI tools that the university has not contracted with.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

A UBIT advisory says UB aligns with SUNY and New York State restrictions on DeepSeek AI, prohibiting its download, access, or use on UB-owned devices or UB networks, and says all AI tools must be reviewed and approved by the UB Software Review team.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Student guidance says learning materials and assessment information must not be entered into GenAI tools without explicit permission from the author, and students should never enter personal and sensitive data into GenAI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Staff guidance says staff should not enter University data, including student work, research data, or lecture materials, into GenAI tools without appropriate permissions.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Alberta identifies Gemini via CCID as the institutionally approved generative AI tool for University of Alberta data, while other generative AI tools are not currently authorized for University data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Alberta's AI Data Safety Guidelines are designed to help users determine what data can be safely shared with AI while complying with university Information Security policies.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Bath staff guidance says confidential or commercially sensitive data should never be shared with AI.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Bath staff guidance says Microsoft Copilot accessed through a university login does not collect chat logs or data or train the wider model, and it advises using Copilot in preference to other tools when handling student data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Bergen says ChatGPT can only be used for green data and UiBchat can be used for green and yellow data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Bergen tells teachers they cannot require students to use services for which UiB does not have a data processing agreement.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UCI Information Security lists UCI ZotGPT Chat, UCI Microsoft Copilot Chat, and UCI Google Gemini as appropriate for P1, P2, and P3 data, while non-UCI ChatGPT, non-UCI Copilot, and non-UCI Gemini are listed for P1 data only.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UCI Information Security says AI chatbot services involving third-party access to University information need approved-vendor and use-case review for security, privacy, legal, and risk before use, and that high-risk use cases need contracts including UC Appendix DS.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UCR's Provost guidelines state that generative AI tools that have not passed a campus security review may be used with public data only; for other data classifications, UCR points to secure tools including Google Gemini and Microsoft Copilot.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

UCR's public generative-AI guidance for instructional settings places course-level use decisions with the Instructor of Record rather than setting one universal student-use rule in the evidence reviewed here.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

UC San Diego Blink says the university evaluates and supports AI services integrated into supported platforms using criteria that reflect University of California data protection and security policies, including Electronic Information Security, Electronic Communication, Export Control, and FERPA standards.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

A 2025 UC San Diego Senate-Administration Workgroup report says researchers should understand UC San Diego data classification policies, including which protected health information, human subjects data, student work, intellectual property, and similar data may not be used with non-secure GenAI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UCT advises administrative and support staff to treat AI inputs as public and not share personal, confidential, or UCT intellectual property with publicly available AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Before procuring generative AI tools, UCT staff or departments should consult ICTS and the tools must undergo information security and privacy risk assessment.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Copenhagen employee guidance says employees may not enter personal data or confidential or copyrighted information into generative AI tools and should use only the licensed Copilot Enterprise tool for UCPH work.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University of Copenhagen researcher tools page says staff and students may use Microsoft Copilot, and that work needing a generative AI tool should primarily use Microsoft Copilot Enterprise because it is security-approved and licensed by the university.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UCY input-safety guidance says users must exercise great caution with AI-tool inputs and avoid entering personal, confidential, unpublished research, or copyrighted content.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UCY research-facing AI guidance tells researchers to anonymize data before using AI for analysis and to confirm approval for AI use involving sensitive data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UET Lahore's admissions privacy policy says the university collects personal, educational, financial, and technical information to provide services, conduct research, and communicate with stakeholders.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UET Lahore's admissions privacy policy says sensitive information is encrypted during transmission, access to personal data is restricted to authorized personnel, personal data is stored securely, and regular audits are conducted.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UF AI guidance says users should use UF-approved or UF-provided tools for sensitive or restricted data and says restricted or sensitive data is not permitted with cloud models tagged External in NaviGator Chat.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Florida AI guidance says users should not use unapproved AI applications that have not gone through UF risk assessment.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Groningen's AI policy and regulations page tells UG users not to share personal or organizational details with AI systems, to keep human intervention for decisions about other people, and to follow GDPR and related laws.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UG says the Le Chat Enterprise licence is only active on @rug.nl accounts, other external AI tools may only process public information, and medium-confidentiality use requires disabling several tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UIC College of Medicine policy prohibits students from generating patient care notes with AI applications except EHR-supported applications explicitly permitted by course leadership, and says protected health information should never be entered into outside generative AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UIC states that students, staff, faculty, and researchers who need to enter high-risk or sensitive data into a generative AI tool or service should submit a ticket to [email protected], and that high-risk or sensitive data in any generative-AI solution must have appropriate contracts and data-use agreements.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For New Educational Approaches, reviewers may not upload manuscript text to AI tools or prepare reviews with AI, and editors may not use AI tools to analyze, evaluate, or decide on manuscripts.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

New Educational Approaches instructs authors to review AI-tool terms for data privacy and intellectual-property implications before use, and forbids tools that may gain unauthorized access to article content or use it for model training.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UK ADVANCE research guidance says data privacy review is needed before Protected Data is entered into a generative AI tool; it also says not to put PHI into such tools unless UKHC InfoSec has confirmed HIPAA compliance and PHI support, and not to place other non-public or proprietary research data into open-source AI without UK ITS GRC approval.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Kentucky CELT guidance frames student generative AI use as a course-level instructor decision and recommends communicating allowed uses, tool restrictions, citation or acknowledgement expectations, and alternatives where privacy concerns exist.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Leeds data-restriction guidance says certain data, including passwords, usernames, PII, sensitive or confidential material, University IP, and some copyright-protected or third-party data, must never be put into AI software.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Leeds GenAI tools guidance says Copilot should be used for work purposes, including assessed work, unless there is a good reason why it cannot be used.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UL GenAI principles state that any tool used within the university must comply with UL data protection, IT security, and acceptable usage policies, and that cloud tools must be approved through the Cloud Governance process.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UL student guidance says Microsoft Copilot accessed through UL staff or student accounts is currently the preferred GenAI platform from a security and data integrity standpoint when GenAI is used by staff or students.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University of Louisville Delphi Center says current AI detection tools are unreliable, raise data privacy, FERPA, and student-consent risks, and should never be the sole basis for an academic integrity decision.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UofL ITS AI guidance states that federal privacy regulations and the NIST AI Risk Management Framework should be followed, and that users are individually responsible for misuse of systems and data mishandling involving student data, intellectual property, and protected personal information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For administrative AI use, UMBC's DoIT guidance says that unless a user is using a tool from the GenAI Tools page, only public data may be used with a generative AI service and use of UMBC proprietary data is forbidden.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UMBC's DoIT GenAI Tools guidance says UMBC content that is not public should not be used with a GenAI service unless UMBC has verified that the service is safe to use, and says UMBC has several tools verified as safe for Level 1 and FERPA data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UniME published a 2025 technical-administrative staff training course on privacy, GDPR, and artificial intelligence that references responsible and transparent AI use, privacy protection, the AI Act, and AgID guidelines.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UniME published a 2025 technical-administrative staff training course on artificial intelligence in workplace contexts, focused on conscious, secure, ethical use and compliance with privacy, security, and responsibility rules.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For AI use in research, the University of Milan guidance emphasizes data protection, operation traceability and regulatory compliance during AI-supported data analysis, and cautions against entering sensitive information into AI systems.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For administrative activities, the University of Milan says its AI adoption follows AGID public-administration guidelines and uses a methodology that considers AI Act compliance, data quality, personal data protection and cybersecurity requirements.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Pending university AI-use guidelines, Unimore recommended verifying sources, keeping human control by using AI only as assistance, requesting source citations in prompts, protecting sensitive data, and documenting AI use in proceedings.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For ChatGPT Edu licenses, Unimore stated that inserted data would not be used to train models and that users remain owners of inputs and outputs.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UniGPT terms distinguish local and external models: local models may process confidential V3 information but not strictly confidential V4 information, while external models may receive only public V1 information.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The UniGPT privacy page states that user-generated chat data is not used to train models; logs and metrics are automatically deleted after 14 days, and other data is automatically deleted after six months without login.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University of Murcia library AI page frames responsible AI use as including privacy, intellectual property, ethics, and confidentiality considerations.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

The University of Murcia library AI page summarizes European research guidance saying researchers should abstain from using generative AI tools in sensitive activities such as peer review or evaluations, and should use generative AI respecting privacy, confidentiality, and intellectual property rights.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For students, unless course objectives or explicit instructor authorization allow it, UNamur says they cannot introduce non-anonymized or non-pseudonymized personal data into prompts addressed to generative-AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Namur frames generative AI use around five guiding principles: transparency, training, critical reflection, respect for protected materials/personal data/confidential information, and responsibility for final outputs and consequences.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Navarra's AI policy says AI systems must be developed and used in accordance with applicable privacy, personal data protection, and European AI Act requirements.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Navarra's AI policy says confidential information and any personal data should not be entered into some AI dialogue interfaces because the information may become training data or appear in outputs for others.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNE's HDR generative AI guidance warns that failure to reference generative AI content may be considered academic or research misconduct, and lists risks including unacknowledged AI output, inaccurate AI-generated references, substantive AI-generated thesis or publication content, peer review or ethics-clearance use, and disclosure of sensitive or confidential material to generative AI.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNE's HDR generative AI guidance cautions that inputting research data into AI can risk loss of copyright or intellectual property control and can have serious implications if sensitive or highly sensitive data is inadvertently released.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNM AI Resources guidance says AI tools should only be used with identifiable UNM data classified as public data unless approved by the appropriate UNM Data Steward or other appropriate office.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNM AI Resources guidance directs users to contact their office or department IT Officer before using identifiable FERPA data in AI platforms so a risk assessment can be initiated.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNC Charlotte OneIT's AI security checklist instructs users not to enter confidential or legally restricted data, including FERPA, HIPAA, PCI, or Level 3 data, into an AI tool.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UNC Charlotte OneIT rates some campus AI tools as approved for use with data handling guidelines, while AI detection software and AI grading software are listed as Do Not Use.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Notre Dame's AI@ND guidance says faculty, students, and staff may use University information with generative AI tools only when the information is public or the AI tool or service has undergone appropriate internal review and protective contract terms are in place.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Notre Dame guidance to faculty and staff says not to use AI tools with sensitive or confidential data and not to use AI tools with University data without a contract.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Pittsburgh Teaching Center guidance says free GenAI tools should not be considered private or secure, and information that is not already public should not be put into a free GenAI platform.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Pittsburgh Teaching Center guidance says generative AI should not be used to grade student work and directs instructors to review data privacy implications before inputting data into generative AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Rochester Provost guidance says non-public or sensitive University information should not be uploaded into external AI tools unless there is a university agreement with the vendor approved by an AI governance group.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Rochester research guidance frames responsible GenAI use in research around data protection, verification, and transparency, including only considering low-risk data generally suitable for GenAI and using appropriate internal review for medium- or high-risk data.

Evidence records: 2. Original evidence remains canonical on the linked university record and public JSON.

University of South Carolina Division of IT guidance for students says conversations and files in USC's ChatGPT Edu environment stay private within USC's secure system and are not used to train external AI models.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of South Carolina Division of IT guidance says unauthorized third-party AI bots compromise USC network security and that proposed software, including add-ins or add-on apps, should be reviewed and approved by the Technical Review Board after the IT Purchasing process.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

St Andrews GenAI information policy says University information classified as internal, confidential, or strictly confidential must not be input into publicly available generative AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

St Andrews GenAI information policy says selection and procurement of generative AI tools should follow existing University procurement policies and procedures.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Tabuk's official privacy policy covers electronic services and personal-data processing under Saudi personal-data law and SDAIA; this is general data-governance context, not AI-tool guidance.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Tabuk's official policies-and-regulations page lists data, privacy, and security policies as adjacent governance context; the verified official-source search did not identify a public university-wide AI or generative-AI policy item.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

UT Dallas OIT guidance says users should not enter confidential data into publicly available generative AI tools and that no FERPA or HIPAA information may be used in generative AI tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

For official UT Dallas duties, Information Security guidance recommends faculty and staff use AI tools provided by UT Dallas rather than personal access to public or vended platforms that have not been approved or evaluated for security.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Toronto teaching guidance says Microsoft Copilot is the recommended generative AI tool to use at U of T and, when signed in with University credentials, conforms to U of T privacy and security standards for use with up to level 3 data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Toronto Information Security guidelines state that no data should be provided to generative AI if any part of that data should not be included in results produced by that system, and users must verify AI tools have been assessed by the university as suitable for the data classification level before sharing personal information or university data classified as level 2, 3 or 4.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Westminster's academic research GenAI guidance tells researchers and academic staff not to enter confidential or sensitive data into public or commercial generative AI tools, and to have specialist tools assessed by ISS when confidential data is involved.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Westminster's GenAI policy requires GenAI-related data to be handled in line with data protection and security requirements, and says high-risk GenAI systems should not go into production without remediation.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

University of Zilina prohibits employees and students from entering sensitive data into publicly available GenAI tools, including non-public university data, non-public study materials, test assignments, intellectual-property-protected materials, personal data without explicit written consent, preliminary research results, and trade-secret data of partners.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

If University of Zilina provides paid licenses for GenAI tools, employees and students are directed to prefer them over unverified free tools.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Uppsala University's central guidelines say sensitive personal data may only be transferred to a university-approved generative AI system, and student material may not be transferred without the student's permission to a generative AI system that might use it to train the system.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Uppsala University's research AI introduction states that it is practical support rather than a rulebook; its quickstart guidance tells researchers to use Copilot Chat via UU login, never share sensitive or confidential information in an AI tool, double-check AI-generated material, and document how AI tools are used.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Utah State University's AI Use & Compliance guidance says sensitive, restricted, or confidential data should not be uploaded or processed in AI tools unless the university has an established privacy agreement with the provider.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Utah State University's research compliance guidance strongly encourages faculty to consider confidentiality when deciding whether AI use is appropriate for research and says researchers should not input confidential, proprietary, or restricted human-subjects data into a generative AI tool.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Vanderbilt's Amplify FAQ says users may input Level 1, 2, or 3 data into Amplify, except PHI/HIPAA data, and may not upload Level 4 data.

Evidence records: 1. Original evidence remains canonical on the linked university record and public JSON.

Vanderbilt's generative AI tools page identifies ChatGPT, Amplify, and Copilot as free enterprise-supported tools for faculty, staff, and students.