Prompt confidentiality is the contractual commitment that an AI vendor will treat the user's prompts as confidential, not as training data, and not as content that gets surfaced to other users. It sits alongside the training-data clause but addresses a different fear: not "will my data train your future model" but "will my prompt show up somewhere it should not."
The concrete obligations a strong prompt-confidentiality clause includes are: prompts are confidential information of the customer, prompts are not used for model training without separate consent, prompts are not retained beyond the operational period needed to deliver the response (or are retained only in encrypted form for a defined period for abuse monitoring), and prompts are not visible to other users of the platform.
The reason this clause matters is the Samsung incident pattern. An employee pastes confidential client information into a prompt. The vendor's logs retain it. The retention policy is silent or vague. Six months later, an audit or a discovery request asks where the data is. The answer "it is in our AI vendor's logs and we have no contractual right to demand its deletion" is a real problem that prompt-confidentiality drafting is designed to prevent.
In drafting, the clause should reference specific operational practices, not just general confidentiality language. Retention periods. Access controls on logs. Encryption at rest. Deletion mechanisms on customer request. A clean prompt-confidentiality clause reads like a SOC 2 Type II practice statement, not like a marketing promise. Done well, it converts vendor practices into customer rights.