The tricky combination of Privacy by Design and Artificial Intelligence
According to the Tractica’s study, AI market must reach 89.8 billion euros hence 2025 (7.3 billions euros of sales revenue made in 2018). All sectors are concerned and AI market is one who makes fundraising record. However, deep learning devices concentrate all the views at the GDPR and privacy by design time which isn’t without consequences.
A staple issue for native GDPR technologies
Privacy by design concept was highlighted by 1995 on Ann Cavoukian impulsion, former Information and Privacy Commissioner of Ontario (Canada) after which it has been adopted by countries (such as Germany in 1997). The idea is clear : protect liberty and data privacy of consumers at the earliest stages of technologies construction. That guard-rail principle provides a significant protection which is enforced for companies so that they can’t deliver a device without it, even if they pledge for a future protection : it’s an ethical data approach.
The concept has been taken up by article 25 of GDPR, adopted in 2016 and applicable since 2018. If it’s a staple issue and one of the fundamental parts of the text, in fact, it’s still tough to execute for some sectors such as AI.
AI can be defined as human behaviors reproduction by devices and engines. To make it, data must be used at large scale by deep learning method (major way nowadays). That method is based on an independent regulation and evolution development. Clearly, there are difficulties.
At one point, the worry is that the AI devices, self-contained by definition, could liberate itself from privacy by design rules. In fact, there’s a significant difference between regular algorithm and deep learning. In the first one, the code line must answer to a problem with a mathematical logic while in the second one a large space to liberty is allowed. The AI is built on the human neuronal system model. That point changes a lot for data privacy because nothing can ensure that devices would not pass over the privacy rules.
Solutions can be laid out however. Regulators within company can be designated to control failures. Privacy by design isn’t a strict technical process but a global approach : upstream and downstream, technical and legal. The role of companies is not over after releasing a new technology. They must also ensure a protection all along the usage.
Another option is an immediate use of data by devices without cloud stockage. OnePlus India company offers to its consumers an app based on deep learning AI which enables message classification (such as Gmail do). The AI is locally set up so that the data doesn’t go on the company IT server.