Artificial Intelligence (AI) has become increasingly sophisticated, sometimes even to the point that its developers do not understand how it works. As AI is used in more and more applications, consumers and regulators alike may demand transparency around how AI works.
However, this may become somewhat of a black box in which AI users cannot interpret results or methods surrounding AI implementation. Additionally, even when the methodology is known, it may pose security risks to be transparent. Below, we discuss the myths and reality surrounding AI transparency and privacy law.
Transparency in Data Protection Law
One of the principles of the GDPR is that technology is transparent to the public. The language to describe its application and how it works must be clear, in plain language, and easy to understand. When appropriate, the visualization should also be used.
Lawmakers around the globe have expressed concern regarding AI and how it works. It is concerned that algorithms may use personal information to perpetuate prejudices or discriminatory practices and has called for governments to consider implementing measures to improve algorithms’ transparency.
While this principle is laudable, it also underscores the limits of regulating AI in this way. By providing readily accessible information about AI, the very people it is meant to protect can potentially be harmed when criminals realize how the technology works and how to exploit it.
Risks of Data Breaches or Cyberattacks Because of Transparency Law
Today, massive amounts of data are stored on various computer servers. Hackers are experts at exploiting any vulnerabilities in a system. According to statistics, they may cause a data breach that exposes the private information of millions of individuals, which is part of why AI transparency and privacy are so important.
The transparency law requires that companies explain how data is collected about a person and its use. However, the more information that technology developers provide to the general public about how their unique algorithms work, the easier it becomes for hackers to exploit them and use the data for nefarious purposes. This creates a dichotomy between transparency and privacy risks where regulators want to understand AI to ensure it does not misuse information and wants to protect individuals’ privacy. These two objectives can lead to contradictory results and objectives.
The Limits of Transparency for AI
Data protection often focuses on safeguarding people’s rights to decide how others ultimately use information about them. As explained above, the more transparent companies are about how big data is used, the more likely hackers will manipulate it. Revealing too much about the underlying algorithm may reveal trade secrets or interfere with a company’s intellectual property rights. Additionally, because advanced technology is used, its users may not explain how AI uses information because of the black box conundrum.
Tools and Methods for Good Data Protection in AI
Fortunately, there are several tools and methods for data protection in AI, including the following:
- Reducing the amount of data that is aggregated during machine learning by selecting the right features and appropriately adjusting them from the onset
- Utilizing existing models that solve similar tasks to limit the amount of data is required to teach the new system
- Limiting access to AI of precise details about specific individuals
- Utilizing homomorphic encryption which enables users to process data while it still maintains its encryption
- Understanding how AI makes automated decisions by having the system explain their own decision
Real Risks for Regular Users and Companies
AI transparency poses challenges for regular users and companies. Regular users must do their best to understand how their data is collected and used and opt-out of applications they do not agree with or condone. The presence of big data makes it vulnerable to attacks such as corporate or individual identity theft.
Additionally, disclosing how algorithms work may cause the system to be hacked. Likewise, companies may be more susceptible to regulatory action or lawsuits if they are completely transparent about their AI use.
The myth surrounding AI transparency is that developers can easily understand how AI reaches its decisions and can provide a clear explanation about this that aids the understanding of the general public without creating new risks. However, the reality is that some users may not understand how the machine makes the decision it does while others may expose themselves and the people for whom they collected data to a breach by being transparent about the use of AI.
Companies and organizations will need to carefully consider the risks using AI poses, the information they generate about such risks, and how they can share and protect this information.