The potential for AI is growing, but technology that relies on real-live personal data requires responsible use of that technology, says the International Association of Privacy Professionals. The use of AI is predicted to grow by more than 25% each year for the next five years, according to PricewaterhouseCoopers.
Responsible AI is a technological practice centered around privacy, human oversight, robustness, accountability, security, explainability and fairness. However, 80% of surveyed organizations have yet to formalize the choice of tools to assess the responsible use of AI. Organizations find it difficult to procure appropriate technical tools to address privacy and ethical risks stemming from AI, the IAPP wrote in the report.
While organizations have good intentions, they do not have a clear picture of what technologies will get them to responsible AI. In 80% of surveyed organizations, guidelines for ethical AI are almost always limited to high-level policy declarations and strategic objectives, IAPP said.
“Without a clear understanding of the available categories of tools needed to operationalize responsible AI, individual decision makers following legal requirements or undertaking specific measures to avoid bias or a black box cannot, and do not, base their decisions on the same premises,” the report said.
When asked to specify “tools for privacy and responsible AI,” 34% mentioned responsible AI tools, 29% mentioned processes, 24% listed policies, and 13% cited skills.
- Skills and policies include checklists, using the ICO framework, developing and following playbooks, and using slack and other internal communication tools. GRC tools were also mentioned in these two categories.
- Processes include privacy impact assessments, data mapping/tagging/segregation, access management, and record of processing activities (RoPA).
- Responsible AI tools included fairlearn, InterpreML LIME, SHAP, model cards, Truera, and questionnaires filling out by the users.
While organizations are aware of new technologies such as privacy enhancing technologies, they have likely not yet deployed them, according to the IAPP. PETs offer new opportunities for privacy-preserving collaborative data analytics and privacy by design. However, 80% of organizations say they do not deploy PETs in their organizations over concerns over implementation risks.