Data protection & AI: How can we control our creations?

Adam Corey, VP of Marketing at Tealium, discusses the opportunities for machine learning and how the benefits are only possible if “data and processes are in optimal shape” and are compliant with privacy laws:

After all, machine learning will only ever be as good as the data and programming powering the technology.

Last week, the government announced new laws to grant people more control over how others use their personal data. Alongside matching many GDPR measures, the new Data Protection Bill will include two new criminal offences (with unlimited fines):

Re-identifying people from anonymous data: Data is often kept anonymous to respect people’s privacy, but by piecing many of these bits together, it might be possible to identify an individual’s browsing habits or credit card transactions. Changing data: Organisations could also face criminal charges if they are found tampering with data that has been requested by an individual.

– Conversely, Lukasz Olejnik, cyber security and privacy researcher at Princeton, warned that this bill will inadvertently criminalise uncovering personal data abuses and may reduce research:

I worry that if re-identification is simply banned, there might be no incentive for sane security and privacy engineering designs. It’s a paradox, but re-identification ban might end up leading into overall weaker systems.

Information Commissioner, Elizabeth Denham, published part two of her General Data Protection Regulation (GDPR) myth-busting series (part one here). This week, Denham addresses how consent is not the ‘silver bullet’ for GDPR compliance. Denham emphasises the importance of companies starting to prepare now, rather than “waiting for us to publish our final guidance on consent”.