How Can CIOs Prepare for AI Data Regulation Changes?

Reacting to the unforeseen speed at which artificial intelligence and related technologies have been developing, governments have been forced to match this pace and steamroll through ethical frameworks for governing AI. Everyone can understand the need for these new regulations, but for chief information officers and especially those in AI companies, so much rapid change has equaled the kind of uncertainties that they would prefer to avoid. 

Failing to comply with regulations can mean substantial fines, but at the same time, if they act conservatively, they risk hindering innovation and facing a backlash from both shareholders and the market.  

I wanted to share some strategic advice for CIOs looking to generate the best outcomes for their company. 

Understand What Regulators Are Trying to Achieve

For CIOs to anticipate potential changes to regulations, they need to look into the minds of regulators and understand what their main objectives are. Recent AI regulations worldwide, in my opinion, all share some common goals. 

Primarily, they are concerned with protecting people from potential harm. For example, they want to prevent bias and discrimination in AI applications that could have negative effects on society, such as say a job application system that weeds out applicants by race. 

Related:FCC: AT&T Didn't Adequately Protect Customers' Cloud Data

They also want to safeguard people’s privacy and security and basic human rights. For example, the EU’s Artificial Intelligence Act bans emotional recognition in the workplace and schools, preventing employers from possibly using AI to assess if workers are happy with their jobs or planning to leave. Social scoring mechanisms, like those rumored to be used in parts of China, are also outlawed. 

Regulators also want to ensure that AI systems are developed and used responsibly and that safeguards are in place to maintain accountability. Developers are therefore required to demonstrate transparency in how AI decisions are made and what sources are used for AI training datasets. 

Futureproof Yourself: Good Data Governance

CIOs can best protect themselves by making sure that they have their own ‘data house’ in order. This means they must be able to prove that the data sets they use for training models are traceable and that the whole process is sufficiently transparent, as this is the area they are most likely to be put under scrutiny.  

Good data governance is achievable through implementing clear rules and best practices. Some of these practices include making sure they have proof of ownership for data and using only responsible data collection methods. Putting in place these kinds of systems requires significant time and effort, especially as the authenticity of licenses can be hard to verify, but this is where you need to be watertight. Spending time and resources on data governance can help to avoid more costly mistakes down the road. 

Related:Complying With GDPR in the Age of AI

You'll often hear advice on setting up a data compliance program in your company. However, while many larger companies have the legal and other internal resources to make this possible, it's commonly out of reach for smaller organizations, which would be more prudent to focus on data governance. 

Balancing With Regulations and Innovation 

If CIOs want to make sure that their compliance initiatives do not equal a compromise in innovation, they should shift their focus to data utility rather than data volume. What this means is that unless you are Google or Adobe, you do not need to obtain colossal general data sets. Instead, you should try to work only with high-quality, relevant data that directly supports your specific AI services. 

These more specific data sets have a much smaller compliance overhead, meaning that less effort is needed to ensure all data used has been gathered ethically, complies with regulations, and all necessary licenses are in place. Using smaller but higher-quality and ethically obtained data sets is thus more cost-effective, representing an opportunity for smaller companies to compete effectively in their niche with larger players 

Investing in Data Provenance

Investing in a solid data provenance program and tools are the most cost-effective and impactful actions that CIOs can make right now to stay ahead of regulations. Data provenance refers to a means of showing the historical lineage of data by capturing its metadata as it changes through its lifecycle. For CIOs, this means that no matter what happens, at least they have the receipts.