Data breaches prompt ICO demand for greater data protection efforts in AI era

The stats paint a broader picture of pressures within the tech industry: the necessity for robust data security protocols, especially concerning AI technology development. In response, the ICO has sent out a caution to tech firms, warning them to incorporate data protection into every phase of AI creation as part of a more comprehensive approach to safeguarding personal information.

The regulator insists that AI systems processing personal data must adhere to existing transparency and data protection and guidelines, with information used during AI training, testing and execution also included. The Information Commissioner for the UK, John Edwards, is to address technology chiefs this week on the need for more stringent data privacy measures in the AI era.

“As leaders in your field, I want to make it clear that you must be thinking about data protection at every stage of your development, and you must make sure that your developers are considering this too,” Mr Edwards will say in a talk based on privacy, emerging tech and AI.

As reported by Developer Tech, Zoho UK MD, Sachin Agrawal has underlined how AI is steadily transforming business processes, and that data protection must be integrated at a baseline level as a result.

As per research conducted by Zoho, 36% of UK companies surveyed understand data privacy as a fundamental component to success. On the other hand, just under half of the firms polled (42%) said they are in line with current regulatory standards and data laws.

The gap underscores the urgent requirement for better education in the corporate world so that organisations can galvanise client data security through all levels of data management, whether AI-based or not.

Mr Agrawal has also condemned misuse of customer data, a practice that is commonplace throughout the sector. Criticising such behaviours as unethical, Mr Agrawal asserts that

principles should take priority, guiding companies to be more respectful of the data ownership rights of clients and customers.

“We believe that customers own their data, not us, and using it solely to improve our products is the right approach,” he stated. It’s a philosophy that not only delivers legal compliance but also strengthens relationships, forging crucial trust.

Know the risks

With the growing adoption of AI technology, the call for ethical data practices is anticipated to increase significantly. Businesses that fail to prioritize their customers’ best interests in

their data policies may lose customers to more ethically-minded competitors.

Speaking to GRC World Forums, Senior Privacy Counsel at OneTrust, Adomas Siudika advises:

“Deployers of high-risk AI systems will have to be prepared to update their publicly facing disclosures confirming not only the use of AI systems but also outlining whether there is any personal/sensitive information processed in any stage of the AI system lifecycle, how it is processed and explaining how individuals can exercise their hybrid AI/Privacy-linked rights e.g. a right to opt-out from being subject to AI system.

“If we want to support the ethical and legal use of AI technology, all parties involved in the AI lifecycle, including developers, deployers, traders, and users of AI, must work together and build trust in AI systems.”

The issues are central to discussions taking place this week at PrivSec Global, where experts will discuss the latest developments in regulation in the AI age.