DBR Generative AI Limited General Availability (LGA)

Generative AI technologies—particularly large language models (LLMs)—are central to the capabilities of Data Breach Response (DBR) AI workflows. While these technologies are powerful, they also come with limitations. It’s important that you understand these limitations and use the product with appropriate care.

In general, we expect all DBR outputs to be reviewed by a human. Specifically, there are known risks that the AI may:

  • Omit critical information, such as Personal Information (PI) or Protected Health Information (PHI).
  • Incorrectly identify non-personal data as PI.
  • Flag documents as containing PI when they do not—or fail to flag documents that do.
  • Mislabel or miscategorize data.
  • Fabricate PI that does not actually exist in the source document.

Although our testing has shown these behaviors to be rare, we cannot guarantee they will never occur. Therefore, human oversight remains essential.

Additional system limitations are outlined in more detail below.

Extracted text only

Currently, PI annotations are generated based solely on the extracted text from documents. This means that any information contained in metadata, images, or other non-text elements that are not visible in the extracted text will not be considered during annotation.

To ensure accurate processing, all unstructured documents ingested into the DBR tool must contain properly OCR-processed text.

Shared LLM resources

LLM services are integrated across various Relativity products within the operational geography/ RelOne instance. For optimal results, it is highly recommended to utilize a single AI-based tool at any given time.

Security and privacy

Azure OpenAI does not retain any data from the documents being analyzed. Data you submit for processing by Azure OpenAI is not retained beyond your organization’s instance, nor is it used to train any other generative AI models from Relativity, Microsoft, or any other third party. For more information, see the white paper A Focus on Security and Privacy in Relativity’s Approach to Generative AI.

Regional availability of Data Breach Response

The availability of Data Breach Response with GenAI varies by region.

The following table shows the regions in which Data Breach Response with GenAI is currently available:

Region

Current LLM Model

United States

GPT-4.1 mini

United Kingdom

GPT-4.1 mini

Support for the EU and Australia is upcoming.

The version of Data Breach Response that does not use GenAI is still available in all regions.

Language support in Data Breach Response

Data Breach Response has been primarily tested on English-language documents, therefore accuracy is not guaranteed for other languages.

For the study used to evaluate Azure OpenAI's GPT-4 model across languages, see MEGAVERSE: Benchmarking Large Language Models Across Languages, Modalities, Models and Tasks on the arXiv website.

Data Breach Response does not support CJK characters.

Running Generative AI in Data Breach Response

To run Generative AI in Data Breach Response, you must reach out to your Relativity representative to turn on the feature within your instance.

  1. Before running the first ingestion job, navigate to Settings and toggle on GenAI in your workspace.
    An image showing the GenAI Mode toggle.

    GenAI Mode can only be enabled for workspaces that have never run Data Breach Response before. Existing workspaces that have already started running jobs with Data Breach Response cannot be converted.

  2. Select other settings as usual and Save.
  3. Proceed to Data Analysis as usual and start running the processes. Generative AI will run as part of the Unstructured Detection pipeline step. You will be able to see the estimated runtime for Data Analysis.
    An image of the Run Data Analysis window

  4. There is a quota for how many unstructured docs can be run through GenAI. This quota is listed in the viewer and will be increased throughout the quarter. Existing document size and scale limitations for structured documents apply.

    You can continue to run custom detectors as usual. Customer detectors are not currently run through GenAI and therefore will not be autolinked to names as the GenAI detectors are.

  5. In the viewer you will notice a sparkle icon GenAI icon for all GenAI generated entities on the Linked Entities panel.
    You can directly edit linked entities and PI types.

Supported Personal Information detectors

Data Breach Response GenAI supports the following OOTB detectors:

Detector Name Default Status Category
ABA Routing Number Off Financial
Address On Contact
Age Off Demographic
Bank Account Number On Financial
Credit Card Expiration Date On Financial
Credit Card Number On Financial
Credit Card Security Code On Financial
Date of Birth On Demographic
Date of Death On Patient
Driver License Number On North America
Email Address On Contact
International Bank Account Number Off Financial
Partial Credit Card Number Off Financial
Partial Date of Birth Off Demographic
Partial Social Security Number On Financial
Passport Number On Identification
Password On Security
Phone Number On Contact
PIN Off Security
Social Security Number On North America
UK Electoral Roll Number Off Europe, Middle East and Africa
UK National Health Service Number On Europe, Middle East and Africa
UK National Insurance Number On Europe, Middle East and Africa
UK Unique Taxpayer Reference On Europe, Middle East and Africa
US Individual Taxpayer ID Number On North America