Unchecked AI rollout threatens privacy rights

There is nothing more humiliating than being searched in a store for shoplifting.

Unfortunately, this humiliating scenario has evolved in recent years. Rite Aid stores nationwide. Facial recognition systems powered by artificial intelligence algorithms that exhibit inherent bias against minorities have forced retail store clerks to confront individuals who have been flagged as shoplifting suspects.

Rite Aid said the practice was an experimental program rolled out in a “limited number of stores” that lasted nearly eight years. Nevertheless, the effects of this practice were far-reaching, with countless innocent shoppers exposed to humiliation, often in front of their friends and relatives. Many had to defend themselves from baseless accusations.

“Rite Aid's reckless use of facial surveillance systems exposed customers to humiliation and other harm,” Samuel Levin, director of the Federal Trade Commission's Consumer Protection Bureau, released a 54-page complaint against the pharmacy chain. “It was done,” he said.

Rite Aid is a notable example of the impact of deploying artificial intelligence algorithms without rigorous testing and scrutiny to prevent unintended consequences.

Many other companies run into similar issues when implementing AI without thorough review.

The allure of technology can blind us to potential pitfalls. But it goes without saying that organizations should not allow themselves to fall into the same trap.

My experience within the industry gives me a hunch about the industry's ability to self-regulate. As AI technologies continue to violate fundamental privacy rights, failures like the Rite Aid scandal will become more common, prompting regulators to take tougher action in the near term. As data collection increases exponentially through various means, including the Internet of Things, the threat will only increase.

At least we've come a long way from the Western scenario that reigned just five years ago, when widespread data breaches and a general lack of accountability were rampant. Personal privacy and security were mere afterthoughts as emerging technologies were accepted and commonly deployed with little regard for basic protections.It is enough to review the problems Equifax breach It exposed the credit ratings of a conservatively estimated 150 million people.

Against this background, there is a movement in earnest to introduce strict privacy protection measures. The FTC previously took action against Rite Aid and is now beginning to take enforcement action. Children's privacy protection. According to the report, these efforts include limiting tracking by a variety of services, including social media apps, video game platforms, toy retailers, and digital advertising networks. This is just the beginning of these efforts.

Now, with AI poised to take hold and revolutionize the way even the most mundane business processes are performed, it's time to redouble your data protection efforts. National data privacy efforts need to be approached with a sense of urgency.

We see some baby steps. One year after he launched ChatGPT, President Biden issued the following statement: presidential order It aims to ensure that the widespread adoption of AI is “safe, secure and reliable”. The order aims to increase government oversight of technology to prevent negative effects, such as reporting on “red team” testing to detect hidden flaws in technology.

As technology adoption accelerates, growing privacy concerns are becoming evident.Recent actions by the European Union — including those of the European Data Protection Board Restrictions on meta-processing of personal data for behavioral advertising — highlights growing concerns about rapid advances in AI, along with efforts by state legislatures to protect individual privacy.

Much of that anxiety stems from the major AI players being opaque about the training data used to inform their respective models. Indiana University researchers The flaw in the current system has already been detected and is a workaround that circumvents what the developers say is a safeguard that prevents access to personal information.

The researchers' revelations are a deafening wake-up call that personal information is at high risk and, if left unchecked, could pose the greatest threat to personal privacy ever. It should ring.

Data protection compliance is a legal requirement. But more importantly, it is an ethical obligation. There's one surefire way to ruin your company's reputation. It is about handling personal data quickly and flexibly.

Just as the U.S. Constitution enshrines certain fundamental civil rights and freedoms, a new Digital Bill of Rights should also be codified to protect online activities and personal data.

of European Union General Data Protection Regulation and California Consumer Privacy Act Both are good starts. Rather than creating 50 sets of state privacy rights regulations, the United States is requiring national standards.

Ensuring data privacy shouldn't be a cat-and-mouse game where developers try to stay one step ahead of regulators. Essentially, people have the right to know what data is collected, where it is stored, and who has access to it. And it should be easy to understand, not a multi-page document written in legalese, but in the same format and manner that consumers can request their credit reports today.

Some social media companies that incorporate selling personal information into their business models are concerned that stricter data protection rules could disrupt their revenue streams. Some services that are currently offered free of charge may require you to pay a small fee in the name of data protection. That may have to be the ultimate trade-off for the people.

Just as developers need to be conscious of data privacy, so too should users. There is some responsibility on the public to monitor what data they share. This means embracing virtual private networks, encrypted messaging apps, and requiring a level of transparency from data collectors.

Ultimately, how personal data is protected is through a partnership built on trust between developers and users, with regulators setting standards behind the scenes.

Scott Allendevaux is a Senior Practice Director at Allendevaux & Company, a data protection agency.