The Spanish guidance is much more relaxed than the ones from UK, France, and Germany – adding to the somewhat different expectations across the EU member states.
Great presentation that breaks down what needs to be considered from a privacy point of view in the different phases of an AI project.
My hope is to turn these into a “checklist” for new AI experiments that are run on pre-assessed AI platforms. (I’m very interested in comments).
Full slides from DPC19 :
Phases of an AI project
- Problem identification
- Impact of the AI?
- Purpose limitation
- Planning of solution & resources
- Identify Data Sources
- Getting access, data transfer
- Compliance requirements for the data
- Data minimization & pseudonymization
- Data Pre-Processing
- Exploratory Data Analysis
- Feature selection (data minimization)
- Feature engineering
- Training, validation, testing
- Does the model generalize well? (Test for bias/variance)
- Support explanation
- Re-identification risk: Will the analysis or model be published?
- Explanation to domain experts and/or data subjects
- Incremental learning
- Request of data subjects
- Rights to get an explanation
- Right to be forgotten
Joint paper on the use of hash techniques in data processing activities as a safeguard for personal data