Great presentation that breaks down what needs to be considered from a privacy point of view in the different phases of an AI project.
My hope is to turn these into a “checklist” for new AI experiments that are run on pre-assessed AI platforms. (I’m very interested in comments).
Full slides from DPC19 :
https://iapp.my.salesforce.com/sfc/p/#1a000000HSGV/a/1P000000XeTO/7xOqxD1UampJRpDFr37qKWaLBKb9Ge2ZHgUUFBoiP6g
Phases of an AI project
- Scoping
- Problem identification
- Impact of the AI?
- Purpose limitation
- Planning of solution & resources
- Identify Data Sources
- Getting access, data transfer
- Compliance requirements for the data
- Data minimization & pseudonymization
- Data Pre-Processing
- Exploratory Data Analysis
- Feature selection (data minimization)
- Feature engineering
- Anonymization/pseudonymization
- Modeling
- Training, validation, testing
- Does the model generalize well? (Test for bias/variance)
- Support explanation
- Deployment
- Re-identification risk: Will the analysis or model be published?
- Explanation to domain experts and/or data subjects
- Incremental learning
- Human-in-the-loop
- Request of data subjects
- Rights to get an explanation
- Right to be forgotten