Nonprofit AI Check-in: Reclaiming Human Rights and Protecting Local Communities

In this midweek check-in, Carolyn Woodard steps back from the technical "how-to" of AI to look at the "why" behind the ethical concerns many nonprofit leaders are feeling. This episode focuses on two significant areas where AI intersects with our core mission of serving others: the protection of basic human rights and the physical impact of the infrastructure that makes AI possible.

First, we explore insights from human rights lawyer Malika Saada Saar on how we can reclaim AI to serve dignity and democracy rather than ceding it to companies that make a profit by exploiting sensitive and marginalized groups.

Second, we look at the reality of the data centers powering these tools—specifically the environmental and economic pressures they place on local residents. Carolyn shares resources on creating Community Benefit Agreements (CBAs) with data centers as a path forward for local communities.

Whether it's protecting a survivor’s right to privacy or ensuring a local community has a say in how a data center is built, these are the human issues that will define how we use technology in the years to come.

Featured Resources

• Webinar: Slow Violence, Fast Tech | Watch on YouTube In this 30-minute session from All Tech Is Human, human rights lawyer Malika Saada Saar discusses the "slow violence" of AI and how nonprofits can advocate for technology designed with consent and safety in mind, particularly for women, children, and marginalized communities.
• Report: Why Community Benefit Agreements are Necessary for Data Centers | Read at Brookings As data centers expand rapidly across the U.S., this Brookings Institution paper explains how "Community Benefit Agreements" (CBAs) can help local leaders and residents negotiate for transparency, environmental protections, and shared economic benefits.
• Community IT Resource: AI Ethics and Policy Webinar | View the Framework If you are ready to start moving from learning to doing, this webinar provides a practical framework for nonprofits to begin drafting their own AI use policies and start conversations around ethics.

Next Step for Your Organization

Does your nonprofit have an AI ethics policy yet? If not, now is the perfect time to start the conversation with your leadership and board. You don't need to be a technical expert to advocate for your organization's values. We encourage you to use these resources to continue your education and ensure that your use of AI remains mission-aligned.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

In this special anniversary episode, we celebrate a major milestone: 25 years of Community IT. Founded on February 1, 2001, by David Deal as a mission-focused spin-out from Reliacom, Community IT has spent a quarter-century navigating the ever-changing tides of technology for nonprofits exclusively. CEO Johan Hammerstrom, who was one of the early employees to move from Reliacom to the new company, joins us to reflect on our journey from the early days of wiring offices for the internet to our modern role as a national provider of remote IT services and cybersecurity.

We discuss how our bedrock foundation of servant-leadership has allowed us to remain a stable, trusted partner for the nonprofit community through dot-com busts, financial crises, and global shifts in how we work.

Beyond the history of servers and software, this conversation focuses on the vibrant people who make our mission possible. Johan shares why it is useless to predict exactly where IT will be in five years, and why Community IT instead invests in the creative, dedicated staff who can guide nonprofits through whatever the future holds.

Whether you have been a partner since our founding or are just joining our community, tune in to hear how our commitment to technology expertise ensures that nonprofits can stay focused on their missions, no matter how the digital landscape evolves.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

To follow on from our recent discussions regarding the rapid adoption of artificial intelligence in the nonprofit sector, this episode explores the critical technical and privacy distinctions between public and enterprise AI tools.

The CISA Incident and the AI Privacy Gap

Last week, news outlets including Politico reported that the interim director of the Cybersecurity and Infrastructure Security Agency (CISA), Madhu Gottumukkala, mistakenly uploaded sensitive government contracting documents into a public version of ChatGPT. This triggered automated security warnings designed to prevent the unintentional disclosure of government material.

This incident highlights that anyone can mistakenly upload sensitive data to a public tool. Even the head of CISA.

Key Differences Between Public and Enterprise AI:

• Data Privacy: Enterprise versions (like Microsoft Copilot for 365 or Gemini for Workspace) keep your prompts and data within your organizational "cloud boundary." Your information is not used to train the underlying public models.
• AI Search and Permissions: With Enterprise AI, the tool can surface any document a user has permission to see. This makes cleaning up your SharePoint or Google Drive permissions essential to avoid sensitive files being inadvertently surfaced via AI search. Pay attention to files that have been shared with "anyone with this link" because Copilot and Gemini will view that as granting permission to anyone searching. Finally, spend time on staff training on how to save and share files so that permissions will need less clean up going forward.
• Commercial Protections: Enterprise licenses include copyright indemnity that are absent in public versions.
• Security: Enterprise licenses give IT management and administrative controls which are essential to securing your nonprofit's valuable data.

Resources:

Trump’s acting cyber chief uploaded sensitive files into a public version of ChatGPT from Politico by John Sakellariadis, published Jan 27, 2026. https://www.politico.com/news/2026/01/27/cisa-madhu-gottumukkala-chatgpt-00749361

"The interim head of the country’s cyber defense agency uploaded sensitive contracting documents into a public version of ChatGPT last summer, ... The material included CISA contracting documents marked 'for official use only,' a government designation for information that is considered sensitive and not for public release."

Microsoft Copilot vs. ChatGPT: Data Protection Explained from Community IT.

"If you are using Copilot with a 365 subscription, your prompts and data are not used to train the underlying large language model. It keeps your data within your enterprise cloud boundary... This protection only applies when you are signed in to an eligible work or school account."

Upcoming Webinar: Verifying Your AI Security

Join Community IT CTO Matt Eshleman on February 25th to learn how to distinguish between public and enterprise accounts. Register here: How to Use AI Tools Safely at Nonprofits

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.