IBM Cloud Docs
Securing your assistant

Securing your assistant

IBM is committed to providing our clients and partners with innovative data privacy, security, and governance solutions.

Notice Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data Protection Regulation (GDPR).

Clients are solely responsible for obtaining advice from competent legal counsel to identify and interpret relevant laws and regulations that can affect the clients’ business and any actions the clients need to take to comply with such laws and regulations.

The products, services, and other capabilities described herein can have restricted availability and are not suitable for all client situations. IBM does not provide legal, accounting, or auditing advice; or represent or warrant that its services or products can ensure compliance with any law or regulation.

If you need to request GDPR support for IBM Cloud® Watson resources:

European Union General Data Protection Regulation (GDPR)

IBM is committed to providing our clients and partners with innovative data privacy, security, and governance solutions to assist them on their journey to GDPR compliance.

Learn more about IBM's own GDPR readiness journey and our GDPR capabilities and offerings to support your compliance journey at Data Responsibility GDPR.

Health Insurance Portability and Accountability Act (HIPAA)

US Health Insurance Portability and Accountability Act (HIPAA) support is available for Enterprise plans that are hosted in the Washington, DC or Dallas locations. For more information, see Enabling HIPAA support for your account.

Do not add personal health information (PHI) to the training data (entities and intents, including user examples) that you create. In particular, be sure to remove any PHI from files that contain real user utterances that you upload to mine for intent or intent user example recommendations.

Opting out of log data use

IBM uses log data (Enterprise plan data is excluded) to continually learn from and improve the watsonx Assistant product. The logged data is not shared or made public.

To prevent IBM from using your log data for general service improvements, complete one of the following tasks.

  • If you use a custom application, for each API /message request, set the X-Watson-Learning-Opt-Out header parameter to true.

    For more information, see Data collection.

  • If you use the web chat integration, add the learningOptOut parameter to the script that you embed in your web page, and set it to true.

    For more information, see Configuration.

Labeling and deleting data in watsonx Assistant

Do not add personal data to the training data (actions and steps, including user examples) that you create. In particular, be sure to remove any personally identifiable information from files with real user utterances that you upload to mine for user example recommendations.

Experimental and beta features are not intended for use with a production environment and therefore are not guaranteed to function as expected when labeling and deleting data. Experimental and beta features cannot be used to implement a solution that requires the labeling and deletion of data.

If you need to remove a customer's message data from a watsonx Assistant instance, you can use the customer ID of the client if you associate the message with a customer ID when the message is sent to watsonx Assistant.

Removing message data must be an occasional event only for individual customer IDs. To disable analytics logs, you can upgrade to an Enterprise with Data Isolation plan.

  • The assistant preview and automatic Facebook integration do not support the labeling or deletion of data based on customer ID, and cannot be used in a solution that must support the ability to delete data based on customer ID.

  • For Intercom, the customer_id is the user_id with an intercom_ prefix. The Intercom user_id property is the id of the author message object in the Conversation Model that is defined by Intercom.

    • To get the ID, open the channel from a web browser. Open the web developer tools to view the console. Look for author.

    The full customer ID looks like this: customer_id=intercom_5c499e5535ddf5c7fa2d72b3.

  • For Slack, the customer_id is the user_id with a slack_ prefix. The Slack user_id property is a concatenation of the team ID, such as T09LVDR7Y, and the member ID of the user, such has W4F8K9JNF. For example, T09LVDR7YW4F8K9JNF.

    • To get the team ID, open the channel from a web browser. Open the web developer tools to view the console. Look for [BOOT] Initial team ID.
    • You can copy the member ID from the user's Slack profile.
    • To get the IDs programmatically, use the Slack API. For more information, see Overview. The full customer ID looks like this: customer_id=slack_T09LVDR7YW4F8K9JNF.

  • For the web chat integration, the service takes the user_id that is passed in and adds it as the customer_id parameter value to the X-Watson-Metadata header with each request.

Before you begin

To be able to delete message data associated with a specific user, you must first associate all messages with a unique customer ID for each user. To specify the customer ID for any messages sent with the /message API, include the X-Watson-Metadata: customer_id property in your header. For example:

curl -X POST -u "apikey:3Df... ...Y7Pc9"
 --header
   'Content-Type: application/json'
   'X-Watson-Metadata: customer_id=abc'
 --data
   '{"input":{"text":"hello"}}'
  '{url}/v2/assistants/{assistant_id}/sessions/{session_id}/message?version=2019-02-28'

where {url} is the appropriate URL for your instance. For more information, see Service endpoint.

The customer_id string cannot include the semicolon (;) or equal sign (=) characters. You are responsible for ensuring that each customer ID property is unique across your customers.

Only the first customer ID value that is passed in the X-Watson-Metadata header is used as the customer_id string for the message log. This customer ID value can be deleted with DELETE /user_data v1 API calls.

If you add search to an assistant, user input that is submitted to the assistant is passed to the Discovery service as a search query. If the watsonx Assistant integration provides a customer ID, then the resulting /message API request includes the customer ID in the header, and the ID is passed through to the Discovery /query API request.

To delete query data associated with a specific customer, you must send a separate delete request directly to the Discovery service instance that is linked to your assistant. For more information, see the Discovery information security.

Querying user data

Use the v1 /logs method filter parameter to search an application log for specific user data. For example, to search for data specific to a customer_id that matches my_best_customer, the query might be:

curl -X GET -u "apikey:3Df... ...Y7Pc9" \
"{url}/v2/assistants/{assistant_id}/logs?version=2020-04-01&filter=customer_id::my_best_customer"

where {url} is the appropriate URL for your instance. For more information, see Service endpoint.

For more information, see the Filter query reference.

Deleting data

To delete any message log data associated with a specific user that your assistant might store, use the DELETE /user_data v1 API method. Specify the customer ID of the user by passing a customer_id parameter with the request.

Only data that was added by using the POST /message API endpoint with an associated customer ID can be deleted with this delete method. Data that was added by other methods cannot be deleted based on customer ID. For example, entities and intents from customer conversations cannot be deleted this way. Personal Data is not supported for those methods.

IMPORTANT Specifying a customer_id deletes all messages with this customer_id, received before the delete request, across your entire watsonx Assistant instance, not just within one skill.

For example, to delete any user message data that is associated with customer ID abc from your watsonx Assistant instance, send the following cURL command:

curl -X DELETE -u "apikey:3Df... ...Y7Pc9" \
"{url}/v2/user_data?customer_id=abc&version=2020-04-01"

where {url} is the appropriate URL for your instance. For more information, see Service endpoint.

An empty JSON object {} is returned.

For more information, see the API reference.

Note: Delete requests are processed in batches and can take up to 24 hours to complete.

Web chat usage data

The watsonx Assistant web chat sends limited usage data to the Amplitude service. When a user interacts with the web chat widget, we track features that are being used, and events such as how many times the widget is opened, and how many users start conversations. This information does not include Assistant training data or the content of any chat interactions.

The information sent to Amplitude is not Content as defined in the Cloud Service Agreement (CSA). It is Account Usage Information as described in Section 9.d of the CSA and is handled as described in the IBM Privacy Statement. The purpose of this information gathering is limited to establishing statistics on the use and effectiveness of web chat and making improvements.

Private network endpoints

Plus

You can set up a private network for watsonx Assistant instances that are part of a Plus or Enterprise service plan. A private network prevents data from being transferred over the public internet and ensures greater data isolation.

Private network endpoints support routing services over the IBM Cloud private network instead of the public network. A private network endpoint provides a unique IP address that is accessible to you without a VPN connection.

For more information, see Public and private network endpoints.

Integrations that are provided with the product require endpoints on the public internet. Therefore, any built-in integrations for your assistant have public endpoints.