How Zendesk navigates AI governance and data privacy risks in automated customer support

I sometimes say that trust is like a one-day contract – it is only valid for 24 hours. Renewing that contract requires more than just intent; it demands that we show up and deliver on our promises with consistency, every single day.

For my team, safeguarding customer data and ensuring confidentiality are more than just priorities. They are foundational to every decision we make. Here are six key ways we strive to earn and maintain trust with our customers, prospects, regulators, and security professionals.

Proving security, not just promising it

In the current landscape, customers expect proof, not promises – especially when it comes to AI systems. Too often, companies make bold claims that don’t hold up under scrutiny, creating a gap in real trust. At Zendesk, we believe security should be proven. This is why we pursue certifications like ISO 42001, or CSA (Cloud Security Alliance) STAR, providing independent evidence that our security controls are effective and our commitments are genuine. As regulators move from general guidance to defined expectations around model transparency and data safety, these certifications provide the “proof” our customers require.

However, our ongoing commitment to trustworthy customer and employee service goes beyond certificates – it’s reflected in our governance practices, continuous monitoring and improvement, as well as the transparency and controls that we provide for our customers.

Architecting governance into the development lifecycle

Innovation is important, yet moving quickly cannot come at the cost of trust. At Zendesk, security governance is integrated from the earliest stages of the AI feature development lifecycle. We often view security governance through the lens of a paradox: the car brake. While most associate brakes with slowing down, their true purpose is to enable speed.

Without the control and confidence that a high-performance braking system provides, reaching top speeds would be impossible. We apply this same logic to AI governance – it isn’t a mechanism for restraint, but the very control system that allows us to accelerate innovation safely and at scale. By conducting risk and design reviews before launching new AI features, we build resilience into the platform’s DNA, ensuring we address potential issues before they ever reach a customer environment.

Implementing customer-led AI data controls

Aside from providing strong platform foundations for trust, we also believe in customer agency. This means providing our customers with the tools and information they need to manage their own unique risk profile. By embedding controls and transparency features directly into our products, we ensure our customers can see how AI functions in their environments and make informed choices.

This “glass box” approach allows our customers to make informed choices and encourages them to adopt AI more confidently, knowing they have the final say in how the technology interacts with their customers.

Champions of transparent AI operations

Building on this foundation of transparency and customer empowerment, we recognize our role in shaping broader industry standards. We set strong security and privacy benchmarks at Zendesk, pushing our industry to elevate its standards as well. We believe governance should be the primary driver of innovation, rather than a separate compliance exercise. By making these rigorous standards an inherent part of how we deliver AI solutions, we provide actionable evidence that raises the expectations for accountability throughout the technology sector.

Navigating global AI regulations and compliance

In the world of AI, the law is often playing catch-up with innovation. At Zendesk, we don’t wait for a new regulation to be finalized before we act; we stay involved in global conversations to help shape and anticipate where regulations are headed. By building our tools to meet these emerging standards today, we ensure that as regulations evolve, your system is already prepared for what’s next.

This proactive approach saves you from the frustration of costly updates or having to pause your projects to fix gaps later. We handle the changing landscape in the background, so you can keep serving your customers and employees without a hitch, because the sooner you invest in strong foundations, the easier it will be to scale securely and address future regulatory and customer demands.

Shaping security through customer dialogue

Our approach to security isn’t static; it is continually shaped by the ‘tough questions’ our customers ask. Their feedback challenges us to demonstrate – not just declare – security and trustworthiness. Earning trust daily, setting new benchmarks for transparency, and making governance a living, evolving discipline – that’s the promise we stand behind at Zendesk in every decision we make.