Center for AI and Digital Policy’s Post

【🔎Implications of the Development or Use of AI on Personal Data Privacy – PCPD Completed Compliance Checks on 28 Organisations👨🏻💻】   🤖To understand the implications of the development and use of AI on personal data privacy in Hong Kong🔐, the PCPD carried out compliance checks🔎 on 28 local organisations from August 2023 to February 2024 to understand their practices in relation to the collection, use and processing of personal data 📝in the development or use of AI, as well as the AI governance structure of the relevant organisations👨🏻💼.   The exercise covered various sectors, including telecommunications🤳🏻, finance and insurance💰, beauty services💄, retail🛍, transportation🚗 and education sectors📚, and government departments🏢. The PCPD has found no contravention of the PDPO✅ during the compliance check process🔎.   Through this compliance check exercise🔎, the PCPD would like to provide recommended measures to organisations which develop or use AI🌟.   🌟For relevant recommended measures, please refer to the media statement 👇🏻: https://lnkd.in/g8ntykPT   🌟 Click here for the “Guidance on the Ethical Development and Use of Artificial Intelligence” 👇🏻: https://lnkd.in/gMb_cue9 #PCPD #AdaCHUNG #PrivacyCommissioner #PDPO #AI #ArtificialIntelligence #ComplianceChecks #PersonalData #Privacy #DataProtection

Yesterday, the #WhiteHouse issued an #ExecutiveOrder putting forth guidelines on the use of #ArtificialIntelligence. #InfoSec and #Privacy professionals are lauding the move, citing it as an important first step in reigning in the use of #AI. The #EO is substantial at 88 pages-- it's going to have to be. The use of AI is moving faster than anticipated. The EU-U.S. #DataPrivacyFramework which only took effect this past July requires the U.S. to provide #adequate privacy and #dataprotection to maintain the free flow of information into the U.S. from the #EuropeanUnion and the #EEA. It is not surprising for the adequate protections referred to in the EU-U.S. DPF to encompass AI, especially government use of AI. The Executive Order's emphasis on U.S. government agencies' use of AI demonstrates that. Additionally, the language of the order also highlights the government's involvement in developing guidelines that could be used downstream for regulating the commercial use of artificial intelligence and providing the providing the mechanisms for redress already promised in the Data Privacy Framework. Also not surprising is that this Executive Order on Artificial Intelligence follows only 4 months after the #EuropeanParliament passed the EU's #ArtificialIntelligenceAct. The order, also known as #EO14110 will be published today, but the unpublished version is available using the link below. https://lnkd.in/ekywuZXG

Privacy and data professionals around the globe are required to remain agile when it comes to AI, especially with the EU AI Act in play. Next week CIPL President, Bojana Bellamy will be joining a panel alongside Rocco Panetta (PANETTA), and Hilary Wandall (Dun & Bradstreet) on 'Critical Insights on the EU AI Act for Data Protection Professionals' at the IAPP - International Association of Privacy Professionals ANZ Summit 2023. This session will update the audience on the status of the EU AI Act, address the need for companies to innovate while safeguarding the fundamental rights of citizens, and provide insights from regional data protection authorities and data protection officers on how their roles may be shifting. The panel will also outline when and how to initiate an AI governance framework within their organization. #AI #artificialintelligence #aiAct

Last week, Pierstone attended the CPDP.ai conference, a hotspot for the latest privacy, data protection, and AI trends. Here are the key takeaways and actionable insights: ▪ From Chief Privacy Officers to Chief AI Officers? As AI evolves, will Chief Privacy Officers transition to Chief AI Officers? Probably, yes. This reflects a shift from data protection to data responsibility, emphasizing the need to document organizational principles, values, and goals. ▪ Privacy at the Core Privacy must be central to new technologies. The GDPR’s role in AI regulation highlights the importance of protecting individual rights. Ongoing debates about anonymization and the legitimacy of AI training datasets under GDPR remain hot topics. ▪ AI Deployment: Risk-Based Approaches Risk-based approaches to AI deployment remain key, leveraging know-how from data protection practices. This approach ensures that AI systems are developed and implemented responsibly. ▪ EU's Digital Framework: A Game Changer? The new digital regulations (AI Act, DSA, DMA, Data Act, etc.) aim to protect user rights while fostering innovation. However, the real-world impact of these ambitious frameworks remains to be seen. ▪ Teaming Up for Compliance Organizations and regulators must collaborate to align innovation with compliance and user rights. There's a call to reassess consumer vulnerability in the digital age and design systems with fairness in mind. Happy to have been part of CPDP2024. Let's keep the conversation going! Reach out to us to discuss these topics or share your thoughts below. #CPDP2024 #Privacy #DataProtection #AI #IAPP

📢 CAIDP Provides Comments to Australian Government on Online Safety Act and AI 🇦🇺 In comments to the Australian Government, the Center for AI and Digital Policy wrote, "the online risks which accompany the advent of generative AI are extensive, and include threats to personal privacy, intellectual property, and life-altering outcomes based on AI-enabled decision-making." CAIDP thanked the Australian government for the opportunity to provide public comments on proposed changes to the Online Safety Act and made several specific recommendations concerning AI: 1️⃣ Establish redlines for developers, providers, and deployers of AI systems regarding training data, prohibiting practices which contravene the Australian Privacy Principles, including web-scraping of personal data and intellectual property. 2️⃣ Require transparent and contestable data provenance for AI models trained on web-scraped data so that data subjects may be made aware when their personal, private data and intellectual property has been used to train AI models, providing an opportunity for compensation and extrication of data. 3️⃣ Require rigorous, independent impact assessments prior to deployment to identify and mitigate potential online harms, including biases and rights violations, with ongoing re-assessments across the AI lifecycle. 4️⃣ Require algorithmic transparency for AI systems so that users are aware when they are interacting with an AI/algorithmic system and are provided with clear and valid reasons for outcomes affecting their lives. 5️⃣ Require human oversight and control over AI systems operating online and an affirmative obligation to terminate if human control of the system is no longer possible and/or if the system fails to uphold human/civil rights in keeping with the Universal Guidelines for AI, a precursor to the Australia-endorsed UNESCO Recommendation on the Ethics of Artificial Intelligence. Merve Hickok Marc Rotenberg Caroline Friedman Levy Nayyara Rahman Lyantoniette Chua Center for AI and Digital Policy Europe #australia #onlinesafetyact #aigovernance #webscraping #dataprotection #intellectualproperty #impactassessments

One week on, I remain deeply inspired by the discussions held at #CPDP2024 regarding AI, privacy, and regulatory frameworks. Make sure to explore our insights!

Check it. How AI is impacting policy processes and outcomes in Africa https://buff.ly/3Kei1qJ #tech #digital #data #privacy

Euractiv reports on Microsoft-OpenAI scrutiny at AI Convention #ArtificialIntelligence 🤝 Follow us on Discord 🔜: https://lnkd.in/gt823Zd3 🤝 Follow us on Whatsapp 🔜 https://wapia.in/wabeta _ ❇️ Summary: The European Commission is pushing back on a US-led attempt to exempt the private sector from the world’s first international treaty on Artificial Intelligence. The Council of Europe’s AI Convention is facing key decisions this month, with the most consequential pending issue being the scope of the convention. The EU is also finalizing the AI Act, while the EU Court adviser sided with the Commission in the Google Shopping case. Additionally, the Commission is examining the relationship between tech multinational Microsoft and ChatGPT-maker OpenAI, and the EU is working on new cybersecurity measures. Hashtags: #chatGPT #AIConvention #MicrosoftOpenAIScrutiny

➡ There is a strong attention of the Italian Data Protection Authority about Artificial Intelligence. ✔ Following the well known temporary ban on processing imposed on #OpenAI by the Authority on 30 March of last year, and based on the outcome of its fact-finding activity, on January 2024 the Garante notified breaches of privacy law to OpenAI based on the collected evidences. ✔ Also, on March 2024 the Garante Privacy opened an investigation into OpenAI's "Sora" (the new AI service able to create dynamic, realistic and imaginative scenes from short text instructions), asking OpenAI to provide information on the #algorithm that creates short videos from text instructions. ✔ Finally, this week the Garante wrote to Italian Parliament and Government by highlighting it possesses the necessary competence and independence to implement the #AIAct, in line with the objective of ensuring a high level of protection on fundamental rights. 📢 "Given its impact on people’s rights, AI should fall within the jurisdiction of Authorities with stringent independence requirements, such as #Privacy Authorities, also due to the close interrelation between artificial intelligence and data protection and to the expertise already acquired with regard to automated decision-making.", the Garante wrote in its own communication to the Italian Parliament and Government. 🔊 In the end, it is evident that on the one hand the Garante is stressing (as well as investigating) the synergy between #AI and #DataProtection, and on the other hand it is pushing for their application by a single independent Authority. We'll see how it turns out: stay tuned!