Machine learning isn’t something that’s going to happen—it’s already happened.
“If you’ve got a smartphone in your pocket, you’ve interacted with machine learning and AI. … It’s already part of our everyday lives, yet we don’t necessarily recognize that,” said Ali Shah, head of technology policy for the U.K.’s Information Commissioner’s Office (ICO). Shah spoke at the Compliance Week Europe conference in November.
Shah spent 15 years working in various roles as an engineer and leader of emerging technology at the British Broadcasting Company before joining the ICO just over nine months ago. His professional interests lie in artificial intelligence, data, and the rights of citizens, among other things.
AI and machine learning are a transformational development with the potential to alter the nature of how we operate in society, Shah said. Yet, he cautioned there are still challenges to address (like the gap in people’s understanding of what AI is) along with significant business, regulatory, and ethical considerations that often conflict with one another.
Compliance leaders are in the hot seat to determine how to balance the corporate incentives of using machine learning with their organization’s responsibility to protect the rights of individual citizens—not to mention complying with the European Union’s General Data Protection Regulation (GDPR).
“There are tensions between what the GDPR says and the current approach taken in the development of machine learning,” explained Shah. For instance, GDPR says data minimization is really important, but the development of machine learning depends upon ample data collection.
Plus, business leaders “have to balance the needs of their organization—generating a profit and being successful—with the sorts of provisions that are in the law,” said Shah.
Data protection authorities like the ICO and the Federal Trade Commission in the United States will need individuals who can make sense of the way these emerging technologies are being used in real-world applications.
Shah’s team is developing a framework that will allow the ICO’s investigations and regulatory assurance functions to make sense of how emerging technologies are being used by companies and evaluate whether those businesses have put the risk and control measures into place to avoid a problem.
“If your corporate incentives don’t include an acknowledgment, by action, of the rights of individuals as part of the equation, you will have issues,” warned Shah.
The ICO expects to issue guidance on this topic in the spring of 2020.
Special report: Maturing in your technology journey
- Currently reading
Regulators need experts in AI, too