GDPR Certification-An Opportunity for AI Companies
The Artificial Intelligence (AI) companies had long been taking advantage of the absence of adequate data protection laws before the advent of the General Data Protection Regulation (GDPR) enforcement that took place on the 25th of May 2018. The AI industry is the domain where the GDPR will bring about the most significant change because data is the very sustenance of artificial intelligence. Any sort of failure to comply means a penalty of up to €20M or a certain percentage of the company’s revenue whichever is greater.
Although it is eminent that a rigorous set of regulations will raise some eyebrows regarding the current practices of AI companies, it is not a given that it will hinder AI research and innovation; the industry just has to find a win-win situation.
Data Ownership
If you want to understand in layman’s terms how the AI basically operates then refer to the statement,
I provide you with free access to my online service, and in return you let me collect your data.
Generally, this does seem reasonable given the fact that most people think that their monetary possessions hold more value than their personal information. However, that is not the case with AI companies; they use this data to create user profiles and train their algorithms. So, the value is based, purely, on relevance.
Before the enforcement of GDPR certification, no one could question what data these tech companies had. However, with the newfound regulations, they have no choice but to let users be in full control of their data by being transparent about their activities.
The users can even ask for deletion of their data completely. This can arise from the following issues:
- Tech companies won’t be able to note the behaviour patterns of the users.
- Data is normally exchanged with third-parties for algorithm testing and hence becomes duplicated across the company’s servers and elsewhere. So, it will be a challenge to keep track of all the instances.
Disclosing Company Secrets
Text in the GDPR states that users must be notified of “the existence of automated decision-making” and provide “significant information about the logic included, as well as the significance and the envisaged consequences of such processing for the data subject.”
The latter part of this text is the challenge here; tech companies consider the working of their algorithms to be trade secrets and prefer not to disclose them to the general public. Moreover, understanding these algorithms is way beyond the scope of the common man. At most times, these are so complex that even the humans that created them can’t fully comprehend the underlying reasoning.
Will GDPR Halt AI Innovations?
The new restrictions that come with the GDPR will surely challenge the prevalent practices of AI companies with GDPR certification; they can’t collect or tamper with personal user information unless explicitly stated by the concerned user.
That being said, it does not mean that AI innovations will come to a halt. Contrarily, the AI companies will be forced to move towards the more transparent solutions like decentralised artificial intelligence and more human-comprehensive AI algorithms.