Is It Safe to Use AI for Architects and Designers?
Yes, if you anonymise first: never paste a client name, site address or full floor plan into a consumer AI. A plan plus an address reveals a home.
Yes — but only if you anonymise the client details first. AI can help architects and designers a great deal. It can draft a brief. It can generate concept ideas. It can write a specification. It can analyse a plan. The danger is not the question. It is what you paste in. A floor plan with a real site address reveals where someone lives and how. A client's name, address and budget are personal data. Your unbuilt concepts and bids are confidential business information. Keep those out of a consumer AI. Send only anonymised text, and the tool still does the work.
What a client's plans actually reveal
Architects and designers feed AI real project material. A client brief. A site address. Floor plans. Budgets and drawings. Each of these carries risk. A plan is not just a drawing. Combined with an address, it becomes a security document. It shows a private home's internal layout. It shows entrances and access points. For a high-net-worth client, that is sensitive on its own.
- Client names, home addresses and contact details — personal data under the GDPR.
- Floor plans and site addresses together — effectively a security document for a private residence.
- Budgets, fees and bid figures — commercially confidential.
- Unbuilt concepts and design know-how — intellectual property and potential trade secrets.
Your designs are a trade secret worth protecting
Your unbuilt concepts hold real commercial value. So do your fee structures and competition bids. Under WIPO, the World Intellectual Property Organization, this kind of information can be a trade secret. A trade secret is confidential business, technical, financial or commercial information. It has value because it is secret. And it is protected only by reasonable steps to keep it secret.
That last point matters. Protection lasts only while the information stays confidential. WIPO is clear on this. A careless disclosure can forfeit it for good. Paste a confidential concept into a public tool, and you may undercut the secrecy itself. You may also breach a duty of confidence you owe the client.
The EU backs this up. The EU Trade Secrets Directive (Directive (EU) 2016/943) protects undisclosed know-how and business information across the EU. That covers customer details, business plans and market strategies. It confirms design and commercial project information can be protected as a trade secret.
Client data makes you a GDPR controller
A client's name, home address and budget are personal data. Handling them puts a legal duty on you. Under the ICO, the UK's data protection regulator, you are a controller. A controller decides the purposes and means of processing personal data. That includes self-employed professionals and small studios. As a controller, you carry the highest level of accountability for that data. The EU GDPR says the same in Article 4(7).
What security guidance says about public AI
The UK's National Cyber Security Centre (NCSC) has looked at this directly. It warns that queries sent to public AI services are visible to the provider. They are stored. They may be used to develop the service. They may be read by staff or contractors. A provider could also be breached. Or acquired by a company with different privacy practices.
The NCSC's advice follows plainly. Be very careful not to include sensitive information in AI queries. For automated work, it suggests avoiding public tools in favour of private or self-hosted models. Understand the terms and privacy policy before you submit anything. That supports one habit: anonymise the identifying details first.
| What you paste | Why it's sensitive |
|---|---|
| A floor plan plus the site address | Reveals a private home's layout, entrances and access points |
| Client name, address and budget | Personal data — you are the GDPR controller |
| An unbuilt concept or a competition bid | Confidential business information and a potential trade secret |
| The full drawing set for a live tender | Competition-sensitive; disclosure can weaken your position |
The fix: anonymise, then prompt
Good news: AI still helps once the details are masked. It can shape a brief. It can generate concept directions. It can draft a specification. For that, it needs no real name or address. Describe the project in general terms. Keep client identities and exact locations out of the prompt.
- 1Strip client names, the site address and identifying details from your text.
- 2Replace each one with a reversible token, in the browser.
- 3Send only the anonymised brief or spec to the AI.
- 4Keep full plans with real addresses out of public tools entirely.
- 5For real project data, use enterprise AI with a data processing agreement (DPA) and no-training terms.
- 6Check the client contract's confidentiality and AI clauses first.
One more question hangs over AI design: who owns the output? AI-generated work raises unsettled authorship and ownership issues worldwide. That debate is real. But the risk you can control today is the input. It is the briefs, plans, budgets and concepts you paste in. That is where anonymisation and proper data terms make the difference.
That's what ONYRI Sanitize does. The engine detects sensitive data — client names, site addresses, budgets, identifying plan details — and swaps it for reversible tokens before sending. Detection and the mapping stay in your browser. Only anonymised text reaches the model. The AI sees tokens, never the real home address or the client's identity. You keep the confidentiality your clients expect, and the trade-secret protection your work deserves.
Frequently asked questions
- Is it safe to use AI for architects and designers?
- Yes, for general design help, if you anonymise the client details first. AI can draft a brief, generate concepts or write a specification with no real names or addresses. The danger is pasting in a client name, a site address or a full floor plan. Those are personal data and confidential information. Mask them before you send, and keep full plans with real addresses out of public tools.
- Is a floor plan sensitive if I remove the client's name?
- It can still be. A floor plan combined with a real site address reveals a private home's layout, entrances and access points. That makes it a security document. Remove the exact address and identifying site details, not just the name. Keep the full plan with its real address out of consumer AI entirely.
- Can I lose trade-secret protection by using AI?
- You can weaken it. Under WIPO, a trade secret is protected only while it stays secret and you take reasonable steps to keep it so. Pasting an unbuilt concept or a competition bid into a public AI can defeat that secrecy. It may also breach your client agreement. Anonymise, or use enterprise tools with no-training terms.
Sources & references
- Frequently Asked Questions on Trade Secrets (definition, commercial value from secrecy, protection by reasonable steps) — World Intellectual Property Organization (WIPO)
- What are 'controllers' and 'processors'? (controller decides purposes and means; includes self-employed professionals) — Information Commissioner's Office (ICO)
- ChatGPT and large language models: what's the risk? (queries stored, visible to the provider, breach risk) — National Cyber Security Centre (NCSC)
Keep your sensitive data in your browser
ONYRI Sanitize detects and masks your sensitive data before it reaches the AI, then restores the answer — from names to API keys.
Anonymize my prompt