At Samyag, we believe that AI and Large Language Models (LLMs) will completely transform the way travel industry operates

As we spoke to customers and the travel community, some questions kept coming up :

• Can we legally send this data to OpenAI?

• What if there’s Personally Identifiable Information (PII) in the payload?

• What happens to our data after inference?

The undeniable power of cloud-based APIs comes with significant questions around compliance, confidentiality, and risk.

The Risk of Sending Raw Data to External LLMs

Large LLM as a service providers such as OpenAI, Google and Anthropic offer enterprise friendly models and easy to use API’s. However, the reality is that many organizations still hesitate to send internal documents, emails, chats or customer data to these organisations even when encryption and retention assurances are in place.

Some of the key concerns include:

Data exposure risks: Even when providers promise not to use inputs for training, metadata and logs can still pose a risk. There is also the risk of some configuration or terms changing that could risk PII exposure For industries bound by GDPR or other data protection laws, it’s often a non-negotiable to ensure that personal data does not leave the organization's controlled environment unless there is a clear traceability matrix Lack of transparency in model inference pipelines and how that data is stored/used

In the travel industry, PII is fundamental to every booking related transaction. For IT teams working on cutting-edge solutions, these aren't just theoretical discussions anymore. They have become real blockers to the adoption of LLM-powered solutions.

A Hybrid Approach: Pre-process Locally, Use External Models After

To address these concerns, Samyag is moving toward a hybrid LLM architecture that protects data while preserving access to cutting edge capabilities of large tool providers

Here’s how we are working towards this:

1. A private, self-hosted LLM (open-source and deployed on infrastructure that we can secure and control) is used to pre-process the input. This LLM redacts/transforms the content. Any attachments are pre-processed by this LLM and checked if they contain any form of PII data such as passport or identity details.

2. Once the data is sanitised and we are sure it does not contain any sensitive data, it is then passed to the external, commercial LLM for higher-level tasks.

This results in:

• Data privacy by design rather than depending on third parties
• Auditability and control over data sent externally
• Flexibility to change both internal and external providers or models whenever needed

This architecture not only helps meet internal compliance standards but also builds a long-term AI resilience into the customers data strategy.

##The Future Is Privacy-First, Model-Agnostic

In the travel industry, AI adoption must be secure, auditable, and scalable. Pre-processing with private models offers a clear path forward with one that gives IT teams confidence, aligns with data governance policies while still leveraging the best available technologies.

We believe that the hybrid LLM deployments are the best way to navigate a balance between innovation and compliance.

Connect with us to discover how Samyag is transforming the way the travel industry operates with secure and responsible AI solutions.

Do follow us on our journey as we expand the way AI is used in travel.

#EnterpriseAI #LLM #DataPrivacy #AIArchitecture #Compliance #OpenSourceAI #HybridAI #GenerativeAI #CIO #CTO #DigitalTransformation