版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
stanforduniversityHuman-centered
ArtificialIntelligence
WhitePaper
February2024
JenniferKing
CarolineMeinhardt
RethinkingPrivacyintheAIEra
PolicyProvocationsforaData-CentricWorld
stanforduniversityHuman-centered
ArtificialIntelligence
WhitePaper
RethinkingPrivacyintheAIEra
Authors
JenniferKingisthePrivacyandDataPolicyFellowattheStanfordUniversity
InstituteforHuman-CenteredArtificialIntelligence(HAI).Aninternationally
recognizedexpertininformationprivacy,herresearchexaminesthepublic’s
understandingandexpectationsofonlineprivacyaswellasthepolicyimplicationsofemergingtechnologies,includingartificialintelligence.Herrecentresearch
exploresalternativestonoticeandconsent(withtheWorldEconomicForum),theimpactofCalifornia’snewprivacylaws,andmanipulativedesign(darkpatterns).
Shealsoco-directsthe
DarkPatternsTipLine
repositoryatStanford.PriortojoiningHAI,shewastheDirectorofConsumerPrivacyattheCenterforInternetandSocietyatStanfordLawSchoolfrom2018to2020.Dr.Kingcompletedherdoctoratein
informationmanagementandsystems(informationscience)attheUniversityofCalifornia,BerkeleySchoolofInformation.
CarolineMeinhardtisthepolicyresearchmanagerattheStanfordInstitutefor
Human-CenteredArtificialIntelligence(HAI),whereshedevelopsandoversees
policyresearchinitiatives.SheispassionateaboutharnessingAIgovernance
researchtoinformpoliciesthatensurethesafeandresponsibledevelopmentof
AIaroundtheworld—withafocusonresearchontheprivacyimplicationsofAI
development,theimplementationchallengesofAIregulation,andthegovernanceoflarge-scaleAImodels.PriortojoiningHAI,CarolineworkedasaChina-focusedconsultantandanalyst,managinganddeliveringin-depthresearchandstrategic
adviceregardingChina’sdevelopmentandregulationofemergingtechnologies
includingAI.SheholdsaMaster’sinInternationalPolicyfromStanfordUniversity,whereherresearchfocusedonglobalgovernancesolutionsforAI,andaBachelor’sinChineseStudiesfromtheUniversityofCambridge.
Acknowledgments
TheauthorswouldliketothankBrendaLeong,CobunZweifel-Keegan,JustinWest,KevinKlyman,andDanielZhangfortheirvaluablefeedback,NicoleTongandColeFordforresearchassistance,andJeaninaCasusi,JoeHinman,NancyKing,ShanaLynch,CarolynLehman,andMichiTurnerforpreparingthepublication.
Disclaimer
TheStanfordInstituteforHuman-CenteredArtificialIntelligence(HAI)isanonpartisanresearchinstitute,representingarangeofvoices.TheviewsexpressedinthisWhitePaperreflecttheviewsoftheauthors.
2
stanforduniversityHuman-centered
ArtificialIntelligence
WhitePaper
RethinkingPrivacyintheAIEra
TableofContents
Authors2
Acknowledgments2
TableofContents3
ExecutiveSummary4
Chapter1:Introduction5
Chapter2:DataProtectionandPrivacy:
KeyConceptsandRegulatoryLandscape7
a.FairInformationPracticePrinciples:
Theframeworkbehinddataprotectionandprivacy9
b.GeneralDataProtectionRegulation:
The“globalstandard”fordataprotection10
c.U.S.StatePrivacyLaws:Fillingthefederalprivacyvacuum12
d.PredictiveAIvs.GenerativeAI:Aninflectionpoint
fordataprotectionregulation14
Chapter3:ProvocationsandPredictions17
a.DataisthefoundationofAIsystems,
whichwilldemandevergreateramountsofdata17
b.AIsystemsposeuniqueriskstobothindividualand
societalprivacythatrequirenewapproachestoregulation19
c.Dataprotectionprinciplesinexistingprivacylaws
willhaveanimplicit,butlimited,impactonAIdevelopment22
d.TheexplicitalgorithmicandAI-basedprovisionsin
existinglawsdonotsufficientlyaddressprivacyrisks25
e.Closingthoughts29
Chapter4:SuggestionsforMitigatingthePrivacyHarmsofAI31
Suggestion1:Denormalizedatacollectionbydefault33
Suggestion2:FocusontheAIdatasupplychainto
improveprivacyanddataprotection36
Suggestion3:Flipthescriptonthemanagementofpersonaldata41
Chapter5:Conclusion45
Endnotes46
3
4
stanforduniversityHuman-centered
ArtificialIntelligence
WhitePaper
RethinkingPrivacyintheAIEra
ExecutiveSummary
Inthispaper,wepresentaseriesofargumentsandpredictionsabouthowexistingandfutureprivacyanddataprotectionregulationwillimpactthedevelopmentanddeploymentofAIsystems.
DataisthefoundationofallAIsystems.Goingforward,AIdevelopmentwillcontinuetoincreasedevelopers’hungerfortrainingdata,fuelinganevengreaterracefordataacquisitionthanwehavealreadyseeninpastdecades.
Largelyunrestraineddatacollectionposesuniqueriskstoprivacythatextendbeyondtheindividuallevel—theyaggregatetoposesocietal-levelharmsthatcannotbeaddressedthroughtheexerciseofindividualdatarightsalone.
Whileexistingandproposedprivacylegislation,groundedinthegloballyacceptedFairInformationPractices
(FIPs),implicitlyregulateAIdevelopment,theyarenotsufficienttoaddressthedataacquisitionraceaswellastheresultingindividualandsystemicprivacyharms.
Evenlegislationthatcontainsexplicitprovisionsonalgorithmicdecision-makingandotherformsofAIdoesnotprovidethedatagovernancemeasuresneededtomeaningfullyregulatethedatausedinAIsystems.
WepresentthreesuggestionsforhowtomitigatetheriskstodataprivacyposedbythedevelopmentandadoptionofAI:
1.Denormalizedatacollectionbydefaultbyshiftingawayfromopt-outtoopt-indatacollection.
Datacollectorsmustfacilitatetruedataminimizationthrough“privacybydefault”strategiesandadopttechnicalstandardsandinfrastructureformeaningfulconsentmechanisms.
2.FocusontheAIdatasupplychaintoimproveprivacyanddataprotection.Ensuringdataset
transparencyandaccountabilityacrosstheentirelifecyclemustbeafocusofanyregulatorysystemthataddressesdataprivacy.
3.Flipthescriptonthecreationandmanagementofpersonaldata.Policymakersshouldsupportthedevelopmentofnewgovernancemechanismsandtechnicalinfrastructure(e.g.,dataintermediariesanddatapermissioninginfrastructure)tosupportandautomatetheexerciseofindividualdatarightsand
preferences.
5
stanforduniversityHuman-centered
ArtificialIntelligence
WhitePaper
RethinkingPrivacyintheAIEra
Chapter1:Introduction
Intheopeningmonthsof2024,artificialintelligence
(AI)issquarelyinthesightsofregulatorsaroundthe
globe.TheEuropeanUnionissettofinalizeitsAIAct
laterthisyear.Otherpartsoftheworld,fromtheUnitedKingdomtoChina,arealsocontemplatingand,insomecasesalreadyimplementing,wide-rangingAIregulation.IntheUnitedStates,arecentmilestoneExecutive
OrderonAImarkedtheclearestsignalyetthatthe
Bidenadministrationispoisedtotakeacomprehensive
approachtoAIgovernance.1Withfederallegislationto
regulateAIyettopass,agrowingnumberoffederal
agenciesandstatelegislatorsareclarifyinghowexistingregulationrelatestoAIwithintheirjurisdictionalareas
andproposingAI-specificregulation.2
WhilemuchofthediscussionintheAIregulatory
spacehascenteredondevelopingnewlegislationtodirectlyregulateAI,therehasbeencomparativelylittlediscourseonthelawsandregulationsthatalready
impactmanyformsofcommercialAI.Inthiswhite
paper,wefocusontheintersectionofAIregulation
withtwospecificareas:privacyanddataprotection
legislation.TheconnectivetissuebetweenprivacyandAIisdata:NearlyallformsofAIrequirelargeamountsoftrainingdatatodevelopclassificationordecisionalcapabilities.WhetherornotanAIsystemprocesses
orrendersdecisionsaboutindividuals,ifasystem
includespersonalinformation,particularlyidentifiablepersonalinformation,aspartofitstrainingdata,itislikelytobesubject—atleastinpart—toprivacyanddataprotectionregulations.
Wemakeasetofargumentsandpredictionsabout
howexistingandfutureprivacyanddataprotection
regulationsintheUnitedStatesandtheEUwillimpactthedevelopmentanddeploymentofAIsystems.We
startwiththefundamentalassumptionthatAIsystemsrequiredata—massiveamountsofit—fortraining
purposes.Itisthisneedfordata,asbestevidencedbydata-hungrygenerativeAIsystemssuchasChatGPT,thatwepredictwillfuelanevengreaterracefordataacquisitionthanwe’vewitnessedoverthelastdecadesofthe“BigData”era.Thisneedwillinturnimpactbothindividualandsocietalinformationprivacy—notjust
throughthedemandfordata,butalsobytheimpactsthisneedwillhaveonspecificissuessuchasconsent,provenance,andtheentiredatasupplypipelineandlifecyclemoregenerally.3
WemoveontoexaminingAI’suniquerisksto
consumerandpersonalprivacy,which—unlikemany
technology-fueledprivacyharmsthatprimarilyimpactindividuals—aggregatetoposesocietal-levelrisks
thatexistingregulatoryprivacyframeworksarenot
designedtoaddress.Wearguethatexistinggovernanceapproaches,whicharebasedpredominantlyonthe
globallyacceptedFairInformationPractices(FIPs),
willnotbesufficienttoaddressthesesystemicprivacyrisks.Finally,weclosewithsuggestedsolutionsfor
mitigatingtheseriskswhilealsoofferingnewdirectionsforregulationinthisarea.
What’satStake:TheFutureof
BothPrivacyandAI
DataisakeycomponentforallAIsystems—todate,themostsignificantimprovementsinAIsystems
havebeentiedtoaccesstoverylargeamountsof
trainingdata.Thisfactdoesnotnecessarilymean
thatalladvancementsinAIwillrequiremassive
amountsofdata;aswediscusslater,someresearchersareobservingqualityversusquantitytrade-offs
6
stanforduniversityHuman-centered
ArtificialIntelligence
WhitePaper
RethinkingPrivacyintheAIEra
thatindicatemoremaynotreliablymeanbetter.
Regardless,wearepresentlyataninflectionpointwherethereisconsiderablepressureforcompaniestobuildmassivetrainingdatasetstomaintaintheircompetitiveadvantage.
Aprimaryconcernmotivatingthispaperisthatdespitethefactthatexistingandproposedprivacyanddata
protectionlawsonbothsidesoftheAtlanticwillhaveanimpactonAI,theywillnotsufficientlyregulate
thedatasourcesthatAIsystemsrequireinaway
thatwillsubstantivelypreserve,orevenimprove,our
dataprivacy.Inthispaper,weexploreseveralrelatedconcerns:
1.Theframeworkthatunderliesdataprotectionlawshasweaknessesthatwillnotgiveindividualsthetoolstheyneedtopreservetheirdataprivacyas
AIadvances;
2.Italsofailstoaddresssocietal-levelprivacyrisks;
3.PolicymakersmustexpandthescopeofhowweapproachprivacyanddataprotectiontoaddresstheseweaknessesandbolsterdataprivacyinanincreasinglyAIdominantworld.
Westartfromtheassumptionthatformostofus
thecurrentstateofourdataprivacyrangesfrom
suboptimaltodismal.IntheUnitedStates,pollshaveshownthatthepubliclargelyfeelsasiftheyhavenocontroloverthedatathatiscollectedaboutthem
online;4thatthebenefitstheyreceiveinexchangefor
theirdataarenotalwaysworththebargainoffree
access;andthatinmostdatarelationships,consumershavenoabilitytonegotiatemorefavorableterms—
andinmanyinstances,believetheyarelockedinorhavefewifanyalternatives.5
Inshort,aswemovetowardafutureinwhichAI
developmentcontinuestoincreasedemandsfor
data,dataprotectionregulationthatatbestmaintainsthestatusquodoesnotinspireconfidencethatthe
datarightswehavewillpreserveourdataprivacy
asthetechnologyadvances.Infact,webelieve
thatcontinuingtobuildanAIecosystematopthis
foundationwilljeopardizewhatlittledataprivacywehavetoday.
Thispaperfocusesonthecoreissuesthatwebelieverequirethemostattentiontoaddressthisstateof
affairs.Itdoesnotclaimtoaddressorsolveeverything.Butwedobelievethatiftheseissuesaren’tsufficientlyacknowledgedandaddressedthroughregulationandenforcement,weleaveourselvesopentoasituation
whereprivacyprotectioncontinuestodeteriorate.
Therearemanyworriesattachedtohowourworld
willchangeasitcontinuestoembraceAI.Concernsrelatedtobiasanddiscriminationhavealready
generatedextensivedebateanddiscussion,andwearguethatasubstantiallossofdataprivacyisanothermajorriskthatdeservesourheightenedconcern.
7
stanforduniversityHuman-centered
ArtificialIntelligence
WhitePaper
RethinkingPrivacyintheAIEra
Chapter2:DataProtectionandPrivacy:
KeyConceptsandRegulatoryLandscape
ThelasttwoyearshaveseengroundbreakingadvancesinAI,aperiodinwhichgenerativeAItoolsbecame
widelyavailable,inspiringandalarmingmillionsof
peoplearoundtheworld.Largelanguagemodels
(LLMs)suchasGPT-4,PaLM,andLlama,aswellas
AIimagegenerationsystemssuchasMidjourneyandDALL-E,havemadeatremendouspublicsplash,whilemanyotherlessheadline-grabbingformsofAIalso
continuedtoadvanceatbreakneckspeed.
WhilerecognizingtherecentdominanceofLLMsinpublicdiscourse,inthispaperweconsiderthedataprivacyandprotectionimplicationsofawiderarrayofAIsystems,definedmorebroadlyas“engineeredormachine-basedsystem[s]thatcan,foragivensetofobjectives,generateoutputssuchaspredictions,recommendations,ordecisionsinfluencingrealor
virtualenvironments.”6Forexample,weconsidera
rangeofpredictiveAIsystems,suchasthosebasedonmachinelearning,thatanalyzevastamountsof
datatomakeclassificationsandpredictions,rangingfromfacialrecognitionsystemstohiringalgorithms,criminalsentencingalgorithms,behavioraladvertisingandprofiling,andemotionrecognitiontools,to
nameafew.Thesesystemsoperatewithvarying
levelsofautonomy,with“automateddecision-
making”referringtoAIsystemsmakingdecisions(suchasawardingaloanorhiringanewemployee)
withoutany,orminimal,humaninvolvement.7
WhilegenerativeAIsystemsalsorelyonpredictive
processes,thosesystemsultimatelyfocusoncreatingnewcontentrangingfromtexttoimages,video,andaudioastheiroutput.
Whilesomepolicymakersarekeentodemonstratethattheyareassuagingthepublic’sgrowingconcerns
abouttherapiddevelopmentand
deploymentofAIbyintroducingnew
legislation,thereisagrowingdebate
overwhetherexistinglawsprovidesufficientprotectionandoversightofAIsystems.
Inresponsetothesewidelypublicizeddevelopments,
bothpolicymakersandthegeneralpublichave
calledforregulatingAItechnologies.Since2020,countriesaroundtheworldhavebegunpassing
AI-specificlegislation.8WhiletheEUfinalizesthe
parametersofitsAIAct,thebloc’sattempttoprovideoverarchingregulationofAItechnologies,theUnitedStatespresentlylacksageneralizedapproachtoAI
regulation,thoughmultiplefederalagencieshavereleasedpolicystatementsassertingtheirauthorityoverAIsystemsthatproduceoutputsinviolation
ofexistinglaw,suchascivilrightsandconsumer
protectionstatutes.9SeveralU.S.statesand
municipalitieshavealsotackledgeneralconsumerregulationofAIsystems.10
8
stanforduniversityHuman-centered
ArtificialIntelligence
WhitePaper
RethinkingPrivacyintheAIEra
Whilesomepolicymakersarekeentodemonstrate
thattheyareassuagingthepublic’sgrowingconcernsabouttherapiddevelopmentanddeploymentofAI
byintroducingnewlegislation,thereisagrowing
debateoverwhetherexistinglawsprovidesufficient
protectionandoversightofAIsystems.Aswediscussinthiswhitepaper,privacyanddataprotectionlaws
intheUnitedStatesandtheEUalreadydothework
ofregulatingsome—thoughnotall—aspectsofAI.
Whethertheseexistinglaws,andproposedonesbasedontheseframeworks,areadequatetoanticipateand
respondtoemergentformsofAIwhilealsoaddressingprivacyrisksandharmsisaquestionwewilladdresslaterinthispaper.
Beforewedelveintothedetailsofourarguments,weprovideabriefoverviewofthepresentstateofdataprotectionandprivacyregulationsintheEUandtheUnitedStatesthatimpactAIsystems,startingwiththefoundationalFairInformationPractices(FIPs).Thosefamiliarwiththeseregulationsmaywishtoskipaheadtothenextchapter.
DataPrivacyandDataProtection
Dataprivacyanddataprotectionaresometimesusedinterchangeablyincasualconversation.Whilethesetermsarerelatedandhavesomeoverlap,theydifferinsignificantways.
Dataprivacyisprimarilyconcernedwithwhohasauthorizedaccesstocollect,process,and
potentiallyshareone’spersonaldata,andtheextenttowhichonecanexercisecontroloverthataccess,includingbyoptingoutofdatacollection.Theterm’sscopeisfairlybroad,asitpertainsnotjustto
personaldatabuttoanykindofdatathat,ifaccessedbyothers,wouldbeseenasinfringingonone’srighttoaprivatelifeandpersonalautonomy.
Privacyisoftendescribedintermsofpersonalcontroloverone’sinformation,thoughthisconceptionhasbeenchallengedbytheincreasinglossofcontrolthatmanyhaveovertheirdata.Butitisthis
notionofpersonalcontrolthatunderliesbothexistingprivacyregulationsandframeworks.Whatis
considered“private”isalsocontextuallycontingent,inthatdatasharedinonecontextmaybeviewedasappropriatebyanindividualordatasubject(e.g.,sharingone’srealtimelocationdatawithafriend)butnotinanother(e.g.,athirdpartycollectingone’srealtimelocationdataandusingitforadvertisingpurposeswithoutexplicitpermission).Therelationalnatureofdatahasalsochallengedtheideaof
privacyaspersonalcontrol,asdatathatissocialinnature(e.g.,sharedsocialmediaposts)ordatathatcanrevealbothbiologicaltiesandethnicidentities(e.g.,geneticdata)continuetogrow.
9
stanforduniversityHuman-centered
ArtificialIntelligence
WhitePaper
RethinkingPrivacyintheAIEra
DataPrivacyandDataProtection(cont’d)
Dataprotectionreferstotheactofsafeguardingindividuals’personalinformationusingasetof
proceduralrights,whichincludesensuringthatdataisprocessedfairly,forspecifiedpurposes,and
collectedonthebasisofoneofsixacceptedbasesforprocessing.11Consentisthestrictestbasisand
allowsindividualstowithdrawitafterthefact.Bycontrast,legitimateinterestprovidesthegreatest
latitude—thislegalgroundforprocessingdataallowsprocessorstojustifydataprocessingonthebasisofthisdatabeingneededtocarryouttasksrelatedtotheirbusinessactivity.Dataprocessorsmuststillrespectindividuals’fundamentaldataprotectionrights,suchasprovidingnoticewhendataiscollected,givingaccesstoone’scollectedinformation,providingthemeanstocorrecterrors,delete,ortransferit(dataportability)tootherprocessors,andaffordingtherighttoobjecttotheprocessingitself.Butthereisabiastowardacceptingasagiventhecollectibilityofsomeformsofpersonaldatabydefault.
TheEUformallydistinguishesbetweenpersonalprivacy(i.e.,respectforanindividual’sprivatelife)and
dataprotection,enshriningeachinitsEuropeanCharterofFundamentalRights.Nevertheless,there
areareasofoverlapandtheconceptscomplementeachother.Whendataprotectionprinciplesdonotapplybecausethecollectedinformationisnotpersonaldata(e.g.,anonymizedbodyscannerdata),thefundamentalrighttoprivacyappliesasthecollectionofbodilyinformationaffectsaperson’sindividualautonomy.Conversely,dataprotectionprinciplescanensurelimitsonpersonaldataprocessing,evenwhensuchprocessingisnotthoughttoinfringeuponprivacy.12
a.FairInformationPractice
Principles:Theframework
behinddataprotectionand
privacy
Mostmodernprivacylegislation,atitscore,is
basedontheFairInformationPractices(FIPs),a
50-plus-year-oldsetofprinciplesthatareacceptedaroundtheglobeasthefundamentalframeworkforprovidingindividualswithdueprocessrightsfortheir
personaldata.13ProposedasaU.S.federalcodeoffair
informationpracticesforautomatedpersonaldatasystemsintheearly1970s,theFIPsintroducedfive
safeguardrequirementsregardingpersonalprivacyasameansofensuring“informationaldueprocess.”14Theyfocusontheobligationsofrecord-keeping
organizationstoallowindividualstoknowabout,
preventalternativeusesof,andcorrectinformation
collectedaboutthem.15AspolicyexpertMark
MacCarthydescribes,“Allthesemeasuresworkedtogetherasacoherentwholetoenforcetherightsofindividualstocontrolthecollectionanduseofinformationaboutthemselves.”16
Ratherthanframinginformationprivacyasa
fundamentalhumanright,asboththeUnitedNationsUniversalDeclarationofHumanRightsandthe
10
stanforduniversityHuman-centered
ArtificialIntelligence
WhitePaper
RethinkingPrivacyintheAIEra
EuropeanCharterofFundamentalRightsdowitha
moregeneralconceptionofprivacy,theFIPsoutline
asetofrulesandobligationsbetweentheindividual
(datasubject)andtherecord-keeper(dataprocessor).17TheFIPsweredraftedaroundacoreassumptionthatthestatehasalegitimateneedtocollectdataabout
itscitizensforadministrativeandrecord-keepingpurposes.18Thisassumption—thatdatacollectionisnecessaryandappropriatefortheworkingsof
themodernstatebutmustbedonefairlyandwithproceduralsafeguardsinplace—wasincorporatedintosubsequentrevisionsoftheFIPs,evenastheywereincreasinglyappliedtotheprivatesector.
Themostinternationallyinfluentialversion,developed
bytheOrganisationforEconomicCooperation
andDevelopment(OECD)in1980andamendedin
2013,consolidatesandexpandstheoriginalFIPs
intoeightprinciplescoveringcollectionlimitation,
dataquality,purposespecification,uselimitation,
securitysafeguards,openness,individualparticipation,andaccountability.19Theguidelinesreflectabroad
internationalconsensusonhowtoapproach
privacyprotectionthathastranslatedintoapolicy
convergencearoundenshriningtheFIPsasacorepartofinformationprivacylegislationaroundtheworld.20
Despitehavingbeenconceivedlongbeforethe
emergenceofthecommercialinternet,letalone
socialmediaplatformsandgenerativeAItools,core
componentsoftheFIPs,suchasdataminimization
andpurposelimitation21,directlyimpacttoday’sAI
systemsbylimitinghowbroadlycompaniescan
repurposedatacollectedforonecontextorpurposetocreateortrainnewAIsystems.TheEU’sGeneralDataProtectionRegulation(GDPR),aswellasCalifornia’s
privacyregulationsandtheproposedAmericanDataPrivacyandProtectionAct(ADPPA),reliesheavilyontheseprinciples.Theseregulations’attemptstoclarify
TheFIPsweredraftedarounda
coreassumptionthatthestatehasalegitimateneedtocollectdataaboutitscitizensforadministrativeand
record-keepingpurposes.
theapplicationoftheFIPstoprivacycontrolsamid
exponentiallyincreasingvolumesofonlineconsumersandcommercialdatashedfurtherlightontheimpactofprivacyregulationonAI.
b.GeneralDataProtectionRegulation:The“global
standard”fordataprotection
Passedin2016andineffectasof2018,theGeneralDataProtectionRegulationistheEU’sattemptto
bothupdatethe1995DataProtectionDirectiveandharmonizethepreviouspatchworkoffragmentednationaldataprivacyregimesacrossEUmember
countriesandtoenablestrongerenforcementof
Europeans’datarights.22Atitscore,theGDPRis
centeredonpersonaldata,whichisdefinedas“any
informationrelatingtoanidentifiedoridentifiable
naturalperson.”23Itgrantsindividuals(“datasubjects”)rightsregardingtheprocessingoftheirpersonaldata,suchastherighttobeinformedandalimitedrighttobeforgotten,andguideshowbusinessescanprocesspersonalinformation.Itisarguablythemostsignificantdataprotectionlegislationintheworldtoday,spurringcopycatlegislationandimpactingtheframingofdataprotectionaroundtheglobe.AsaresultoftheGDPR’sdirectapplicabilitytoAIanditsdominanceacross
11
stanforduniversityHuman-centered
ArtificialIntelligence
WhitePaper
RethinkingPrivacyintheAIEra
theglobe,dataprotectionandprivacyconcernsarelargelyabsentfromtheEU’sAIAct.
TheGDPRcontainsseveralprovisionsthatapply
toAIsystems,eventhoughitdoesnotspecifically
includetheterm“artificialintelligence.”Instead,
Article22providesprotectionstoindividualsagainstdecisions“basedsolelyonautomatedprocessing”ofpersonaldatawithouthumanintervention,alsocalledautomateddecision-making(ADM).24Itenshrines
therightofindividualsnottobesubjecttoADM
wherethesedecisionscouldproduceanadverse
legalorsimilarlysignificanteffectonthem.Giventhewides
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
评论
0/150
提交评论