Information Commissioner's Office
A call for participation: Building the ICO’s auditing framework for Artificial Intelligence
Blog posted by: Simon McDougall, 18 March 2019.
Simon McDougall, Executive Director for Technology Policy and Innovation, invites comment from organisations on the development of an auditing framework for AI.
Applications of Artificial Intelligence (AI) are starting to permeate many aspects of our lives. I see new and innovative uses of this technology every day: in health care, recruitment, commerce . . . the list goes on and on.
We know the benefits that AI can bring to organisations and individuals. But there are risks too. And that’s what I want to talk about in this blog post.
The General Data Protection Regulation (GDPR) that came into effect in May was a much-needed modernisation of data protection law.
Its considerable focus on new technologies reflects the concerns of legislators here in the UK and throughout Europe about the personal and societal effect of powerful data-processing technology like profiling and automated decision-making.
The GDPR strengthens individuals’ rights when it comes to the way their personal data is processed by technologies such as AI. They have, in some circumstances, the right to object to profiling and they have the right to challenge a decision made solely by a machine, for example.
The law requires organisations to build-in data protection by design and to identify and address risks at the outset by completing data protection impact assessments. Privacy and innovation must sit side-by-side. One cannot be at the expense of the other.
That’s why AI is one of our top three strategic priorities.
And that’s why we’ve added to our already expert tech department by recruiting Dr. Reuben Binns, our first Postdoctoral Research Fellow in AI. He will head a team from my Technology Policy and Innovation Directorate to develop our first auditing framework for AI.
The framework will give us a solid methodology to audit AI applications and ensure they are transparent, fair; and to ensure that the necessary measures to assess and manage data protection risks arising from them are in place.
The framework will also inform future guidance for organisations to support the continuous and innovative use of AI within the law. The guidance will complement existing resources, not least our award winning Big Data and AI report.
But we don’t want to work alone. We’d like your input now, at the very start of our thinking.
Whether you’re a data scientist, app developer or head up a company that relies on AI to do business, whether you’re from the private, public or third sector, we want you to join our open discussion about the genuine challenges arising from the adoption of AI. This will ensure the published framework will be both conceptually sound and applicable to real life situations.
We welcome your thoughts on the plans and approach we set out in this post. We will shortly publish another article here to outline the proposed framework structure, its key elements and focus areas.
On this new blog site you will be able to find regular updates on specific AI data protection challenges and on how our thinking in relation to the framework is developing. And we want your feedback. You can leave us a comment or email us direct.
The feedback you give us will help us shape our approach, research and priorities. We’ll use it to inform a formal consultation paper, which we expect to publish by January 2020. The final AI auditing framework and the associated guidance for firms is on track for publication by spring 2020.
We look forward to working with you!
Simon McDougall is Executive Director for Technology Policy and Innovation at the ICO where he is developing an approach to addressing new technological and online harms. He is particularly focused on artificial intelligence and data ethics.
He is also responsible for the development of a framework for auditing the use of personal data in machine learning algorithms.
Latest News from
Information Commissioner's Office
From facial recognition technology to children online: regulating data protection in 202103/03/2021 16:25:00
ICO urges businesses to act now as Children’s Code comes into force in six months03/03/2021 12:25:00
Initial findings from industry research set up by the Information Commissioner’s Office (ICO) show that three quarters of businesses surveyed are aware of the Children’s Code.
Guest blog: Working for a regulator like the ICO02/03/2021 12:25:00
As the ICO seeks to employ a Post Doctoral Research Fellowship in Artificial Intelligence (AI), the former post holder, Professor Reuben Binns, reflects on his time in the role.
ICO's blog on its information rights work25/02/2021 12:25:00
Colleagues from the ICO’s FOI Directorate share their experiences and involvement in raising awareness of our regulation of access to information legislation.
ICO statement in response to the publication of a draft adequacy decision from the European Commission22/02/2021 10:20:00
The European Commission has published its draft UK adequacy decisions. If adopted these decisions will allow for continued free flow of personal data from the EU into the UK.
ICO launches data analytics toolkit17/02/2021 15:20:00
The Information Commissioner’s Office (ICO) is urging all organisations considering using data analytics on personal data to look at its new toolkit.
ICO issues fines totalling £270,000 to firms making nuisance calls15/02/2021 12:25:00
The Information Commissioner’s Office (ICO) has issued fines totalling £270,000 to two separate companies for making unlawful marketing calls to numbers registered with the Telephone Preference Service (TPS).
Blog: Supporting Novartis to improve patient care during the pandemic08/02/2021 14:33:00
The latest Sandbox report is from medicines company Novartis, which uses innovative science and digital technologies to help transform patient care and improve their experiences and outcomes.