demystifying the role of ai in
play

Demystifying the Role of AI in Privacy Management Darren Abernethy - PowerPoint PPT Presentation

Jan 18, 2023 •14 likes •324 views

October 16, 2019 Demystifying the Role of AI in Privacy Management Darren Abernethy TrustArc Maggie Gloeckle A+E Networks Hilary Lane Ravi Pather CryptoNumerics Introduction Demystifying the Role of AI in Privacy Management Agenda

  1. October 16, 2019 Demystifying the Role of AI in Privacy Management Darren Abernethy TrustArc Maggie Gloeckle A+E Networks Hilary Lane Ravi Pather CryptoNumerics

  2. Introduction

  3. Demystifying the Role of AI in Privacy Management Agenda • Introductions • Privacy and the Business Challenges • Introduction to “Automated Intelligence” • Challenges with Managing Privacy Compliance • “Automated Intelligence” Use Cases • Key takeaways

  4. Privacy Funding POLL: Privacy Funding What is the level of privacy funding at your organization? A. Low - we have significantly underinvested in privacy B. Medium – we have inconsistently invested in privacy C. High – we have consistently invested in privacy D. I don’t even want to think about it

  5. Privacy Ownership POLL: Organizational Compliance Ownership Who owns privacy compliance within your organization? A. Office of the General Counsel or Legal Department B. Compliance C. Information Technology – CISO / CIO D. Suite Executive (s) CFO/ COO /CTO / CEO E. Management by Committee

  6. Privacy and Business Challenges

  7. Privacy and the Business Challenges Privacy as a strategic business imperative For maximum data value balanced by responsible data stewardship Privacy Stakeholder 0100110101110101100101 Alignment

  8. Privacy and the Business Challenges How are Data and Privacy Compliance Evolving? GDPR Phase 2 GDPR Phase 1 PIPEDA Privacy Automation Data Security HIPAA CCPA • Privacy Compliance is getting more Complex • Re-identification Risk • Legal meaning • Invest in Privacy • Focus on Data • Secondary Use of Data • Incentive to use provable • Consent Management • Leverage Automated Security Demand increasing de-identified data grows • Loss Prevention • GRC Risk and Privacy tools • Demonstrating • Failure to comply with • Intrusion Detection • Leverage Tools Compliance is hard Privacy is damaging 2016 2018 201 2020 201 9 7 Sep Jan 20 19 • Securing Data • Consent Management • Demands Privacy by Design (PbD) • Consent • Threat Detection Management • Right to be Forgotten • Automate Risk Assessment of re- & Loss identification (Demonstrate PIA) • Right to be • Anonymization Prevention Forgotten • Ensure risk of re-identification has • Re-identification Risks been removed • Anonymization • Data Utility Required • Retain Analytical Value in Data • Privacy Non-Compliance • Security tools don’t work for Privacy

  9. Introduction to “Automated Intelligence”

  10. The Road to “Automated Intelligence” Route Wisdom 2 Intelligence Insights Knowledge Information Data

  11. From Text to Machine

  12. Speed Meets Nuance Data is Fast Laws are Complex Business, economic, healthcare, security, and Regulatory obligations can attach to data as political leaders and their teams rely on vast rapidly as it moves or is used for a new purpose, data sources and deep analytics to make rapid, however, most laws aren’t written to be applied critical decisions. quickly as companies, data, systems, business partners and the activities in which they are involved fall in and out of scope.

  13. Defining “Intelligence” for Privacy Term Definition in·​tel·​li·​gence | \ in- the ability to learn or understand or to deal with new or ˈte - lə - jən(t)s trying situations a branch of computer science dealing with the simulation of ar·​ti·​fi·​cial intelligent behavior in computers in·​tel·​li·​gence | \ ˌär - tə - ˈfi - shᵊl \ in- ˈte - lə - jən(t)s ma·​chine learn·​ing the process by which a computer is able to improve its own | \ mə - ˈshēn \ ˈlər - niŋ performance (as in analyzing image files) by continuously incorporating new data into an existing statistical model

  14. Defining “Intelligence” for Privacy Term Definition al· go· rithm | \ ˈal-gə- a step-by-step procedure for solving a problem or accomplishing ˌri-t͟həm some end in a finite number of steps that frequently involves repetition of an operation algorithmic, data-driven contextual insights about privacy au·​to·​mat·​ed pri·​va·​cy requirements that drive actionable priorities within operational in·​tel·​li·​gence | ȯ - tə - workflows to streamline privacy management decisions and drive ˌmā - təd \ ˈprī - və - sē in - alignment across teams and stakeholders ˈte - lə - jən(t)s

  15. Automated Decision-Making (ADM) ADM is the ability to make decisions by technological means. Solely ADM is ADM without any human involvement. ADM can be based on data collected directly, data collected from third party sources, or derived or inferred data. GDPR addresses risks related to Automated “Individual” Decision-Making, i.e., ADM about individuals ADM used for privacy intelligence leverages information about organization business practices and privacy metadata. Data integrity, accuracy, and completeness are as critical to privacy intelligence as they are to nuanced legal and regulatory advice and guidance provided by expert advisors.

  16. Challenges with Managing Privacy Compliance

  17. Privacy Management Challenges ▪ Emerging Multiple Privacy Regimes and increasing complexity ▪ Privacy Compliance is here and is a legal requirement ▪ Privacy by Design and Privacy by Default is a legal recommendation ▪ Anonymised Data is today foundational to Data & Privacy Compliance ▪ Risk of re-identification is high if data is not properly anonymised ▪ Risk of fines and brand damage for non-compliant Anonymised data ▪ Balancing with Data Utility, critical for business data science and analytics ▪ Consequences for non-compliance ▪ Secondary Use apps such as Data Science, Analytics, Monetization now in scope ▪ In scope overhead will be prohibitive in using such data ▪ Privacy Breach, Brand and reputational damage and question of ethical use of data

  18. Enterprise Challenge: Fragmentation Manual & Manual & Manual & Manual & Fragmented Fragmented Fragmented Fragmented Legal Risk Compliance IT Security Data Science Business Manages Risk Identifies Legal Privacy Compliance Consumers of Analytics, AI & ML Data Security Defines Policy Access Requests data Data Insights requirements Protection tools Enforcement Contracts Encryption, Business & GRC Risk Python, R, SAS, Policy Tools, Hashing, Customer Tools, Tableau Spreadsheets Tokenization Insights Spreadsheets ● Privacy Stakeholders are fragmented and operate in silos ● Privacy Compliance is outpacing Organizational capability to respond ● Risk of Re-identification of data is a Risk and Compliance exposure ● Data Protection tools breaks Analytical value of data for Data Science and Analytics

  19. “Automated Intelligence” Use Cases

  20. “Automated Intelligence” Use Cases 1. Consumer Privacy Rights / DSRs 2. Incident Response 3. De-Identification and Risk 4. Data Discovery and Risk

  21. Use Case 1: Consumer Privacy Requests Requestor Type Required? 1-California Do Not Sell Yes, under CCPA if applicable 2-Texas Access Yes, under HIPAA and TMPA if applicable 3-Nevada Do Not Sell Yes, under Nevada Law if applicable 4-Brazil Correction Yes Intelligence 5-Singapore Deletion No Filter

  22. Use Case 2: Incident Response

  23. Use Case 3: De-Identification & Risk Why enterprise class privacy automation is now required ▪ Build data protection by design and by default (Privacy by Design) ▪ Build an architectural point of control for policy enforcement ▪ Automated Risk Assessment for re-identification ▪ Generate fully Anonymised datasets with confidence ▪ Reduce risk of non-compliance ▪ Invest in Privacy Automation now as we invested in Data Security 5 years ago ▪ Privacy breach and non compliance is now a corporate liability & exposure ▪ Harmonize Legal, Risk & Compliance, Data Science and Business teams into a single process with Privacy Automation ▪ Data-driven data science demand will grow ▪ M ake Privacy an integrated layer of Data Science Architectures ▪ Balance Privacy Compliance with Data with High Analytical value

  24. Use Case 3: De-Identification & Risk

  25. Use Case 3: De-Identification & Risk

  26. Use Case 4: Data Discovery & Risk

  27. Summary of Automated Intelligence For Privacy Management • Data Protection by Default and by Design – Build a systems based Architectural Point of control for Policy Enforcement – Use emerging and “State -of-the- Art” tools to meet and demonstrate data compliance • Fully Anonymize Data and Demonstrate Compliance – De- Identify ‘direct identifiers’ and apply privacy protection to ‘indirect identifiers’ – Automate Risk Assessment to demonstrate Privacy Compliance – Move to Automated, systems based ‘Risk of re - Identification vs manual ‘two eyes’ approaches • Legal Basis for secondary purpose use of customer data – ‘Legitimate Interest Processing’ (LIP) is more flexible than Consent for Data Science (GDPR) – Identifiable data is in scope (CCPA & PIPEDA) – Organisational & Technical Controls are required to support de-identification of data

  28. Key Takeaways

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Demystifying DNA Demystifying DNA What is it? How do I get it? What is it? How do I

Demystifying DNA Demystifying DNA What is it? How do I get it? What is it? How do I

Demystifying DNA Demystifying DNA What is it? How do I get it? What is it? How do I get it? How do I get rid of it? How do I get rid of it? Alissa Bjerkhoel Litigation Coordinator, California Innocence Project Panel Attorney,

1.61k views • 124 slides
Demystifying the role and meaning of humanitarianism in the eyes of survivors of the Rwandan

Demystifying the role and meaning of humanitarianism in the eyes of survivors of the Rwandan

Demystifying the role and meaning of humanitarianism in the eyes of survivors of the Rwandan Genocide How have the most well-informed and intelligent people got it so wrong? In recent years, there has been a glut of organisations set up to

57 views • 3 slides
Demystifying SEO for Government Agencies Demystifying SEO for Government Agencies Why should you

Demystifying SEO for Government Agencies Demystifying SEO for Government Agencies Why should you

Drupal GovCon 2018 Demystifying SEO for Government Agencies Demystifying SEO for Government Agencies Why should you listen me? Jason Hamrick Senior Strategist Phase2 jhamrick@phase2technology.com Demystifying SEO for Government Agencies 2

418 views • 26 slides
Demystifying the role of the District Valuer Nick Tyldesley / Alex Wheldon For land &

Demystifying the role of the District Valuer Nick Tyldesley / Alex Wheldon For land &

Demystifying the role of the District Valuer Nick Tyldesley / Alex Wheldon For land & asset transfer seminar Slide 1) Overview of Session Who, or what, is the District Valuer? Methods of valuation The valuation

341 views • 7 slides
Demystifying Benchmarks How to Use Them to Better Evaluate Databases Peter Friedenbach,

Demystifying Benchmarks How to Use Them to Better Evaluate Databases Peter Friedenbach,

Flexible transactional scale for the connected world. Demystifying Benchmarks How to Use Them to Better Evaluate Databases Peter Friedenbach, Performance Architect | Clustrix Demystifying Benchmarks Outline A Brief History of Database

591 views • 20 slides
Demystifying the Finance Audit Committee DEMYSTIFYING THE FINANCE AND AUDIT COMMITTEE

Demystifying the Finance Audit Committee DEMYSTIFYING THE FINANCE AND AUDIT COMMITTEE

DEMYSTIFYING THE FINANCE AND AUDIT COMMITTEE Demystifying the Finance Audit Committee DEMYSTIFYING THE FINANCE AND AUDIT COMMITTEE Agenda 1. How to set-up the Finance and Audit Committee 2. Terms of Reference 3. Recruitment 4.

503 views • 33 slides
Demystifying The Edge for the IIoT Deployment: Supporting the new Industrial Landscape

Demystifying The Edge for the IIoT Deployment: Supporting the new Industrial Landscape

Demystifying The Edge for the IIoT Deployment: Supporting the new Industrial Landscape Department/Name/Date 1 Demystifying The Edge for IIoT I. Review the applications and services driving IIoT Edge deployments II. Discuss proper planning

689 views • 41 slides
Demystifying Relational Latent Representations Sebastijan Dumani, Hendrik Blockeel DTAI, KU

Demystifying Relational Latent Representations Sebastijan Dumani, Hendrik Blockeel DTAI, KU

Demystifying Relational Latent Representations Sebastijan Dumani, Hendrik Blockeel DTAI, KU Leuven September 6, ILP 2017 1 Outline 2/24 1 Introduction 2 Understanding latent features 3 Properties of latent spaces Demystifying

281 views • 24 slides
Demystifying Modern Windows Rootkits Bill Demirkapi Independent Security Researcher

Demystifying Modern Windows Rootkits Bill Demirkapi Independent Security Researcher

Demystifying Modern Windows Rootkits Bill Demirkapi Independent Security Researcher Demystifying Modern Windows Rootkits Black Hat USA 2020 1 Who Am I? 18 years old Sophomore at the Rochester Institute of Technology Windows

847 views • 73 slides
Demystifying Appointments, Reappointments, and Promotions School of

Demystifying Appointments, Reappointments, and Promotions School of

Demystifying Appointments, Reappointments, and Promotions School of Medicine 2016 Within Youll Find Positions and tracks The process and timelines The Dossier Commonly

950 views • 52 slides
Demystifying Accreditation Under 5th Edition Standards January 2020 Magali De Castro Clinical

Demystifying Accreditation Under 5th Edition Standards January 2020 Magali De Castro Clinical

Demystifying Accreditation Under 5th Edition Standards January 2020 Magali De Castro Clinical Director, HotDoc Demystifying Accreditation Under 5th Edition Standards This session will cover: Overview and purpose of the accreditation

593 views • 44 slides
Demystifying Python Metaclasses Demystifying Python Metaclasses Eric D. Wills, Ph.D. Instructor,

Demystifying Python Metaclasses Demystifying Python Metaclasses Eric D. Wills, Ph.D. Instructor,

Demystifying Python Metaclasses Demystifying Python Metaclasses Eric D. Wills, Ph.D. Instructor, University of Oregon Instructor, University of Oregon Director of R&D, Vizme Inc What is a metaclass? What is a metaclass? A metaclass

916 views • 64 slides
Demystifying Depreciation and How to Make Use of It December 1, 2016 This program is made

Demystifying Depreciation and How to Make Use of It December 1, 2016 This program is made

Demystifying Depreciation and How to Make Use of It December 1, 2016 This program is made possible under a cooperative agreement with EPA. www.efcnetwork.org At the top right corner of your screen: Show your control panel to submit questions

626 views • 52 slides
Demystifying the Real-Time Linux Scheduling Latency Daniel Bristot de Oliveira , Daniel Casini,

Demystifying the Real-Time Linux Scheduling Latency Daniel Bristot de Oliveira , Daniel Casini,

Demystifying the Real-Time Linux Scheduling Latency Daniel Bristot de Oliveira , Daniel Casini, Rmulo Silva de Oliveira and Tommaso Cucinotta Principal Software Engineer 1 Demystifying The Real-Time Linux Scheduling Latency - 32 nd Euromicro

461 views • 31 slides
Demystifying the complex: The practical importance of telehealth to Australian Communities Kim

Demystifying the complex: The practical importance of telehealth to Australian Communities Kim

Demystifying the complex: The practical importance of telehealth to Australian Communities Kim Casburn, Manager Primary Care, Health and Wellbeing Overview The challenge RFW who we are and what we do How did we get to where we

363 views • 15 slides
Demystifying Workers Compensation November 19, 2014 Presented by: Shari Deutsch, ARM-P

Demystifying Workers Compensation November 19, 2014 Presented by: Shari Deutsch, ARM-P

Demystifying Workers Compensation November 19, 2014 Presented by: Shari Deutsch, ARM-P Safety & Risk Management Administrator Central Contra Costa Sanitary District Who Are You? HR Staff? Supervisor or Manager? Regular

780 views • 74 slides
My Concerns About Artificial Intelligence Abstract There is growing alarm about the potential

My Concerns About Artificial Intelligence Abstract There is growing alarm about the potential

Middle Road Software, Inc. My Concerns About Artificial Intelligence Abstract There is growing alarm about the potential dangers of Artificial Intelligence (AI). Giants of the commercial and scientific world have expressed the concern that AI

714 views • 18 slides
RESPONSIBLE ARTIFICIAL INTELLIGENCE Prof. Dr. Virginia Dignum Chair of Social and Ethical AI -

RESPONSIBLE ARTIFICIAL INTELLIGENCE Prof. Dr. Virginia Dignum Chair of Social and Ethical AI -

RESPONSIBLE ARTIFICIAL INTELLIGENCE Prof. Dr. Virginia Dignum Chair of Social and Ethical AI - Department of Computer Science Email: virginia@cs.umu.se - Twitter: @vdignum WHAT IS AI? Not just algorithm Not just machine learning

603 views • 35 slides
Freedom & AI Can Free Software include ethical AI systems? Justin W. Flory Mike Nolan

Freedom & AI Can Free Software include ethical AI systems? Justin W. Flory Mike Nolan

Freedom & AI Can Free Software include ethical AI systems? Justin W. Flory Mike Nolan Rochester Institute of Technology UNICEF Office of Innovation @jflory7 @__nolski__ When a measure becomes a target, it ceases to be a good

584 views • 41 slides
Game AI Where is the AI Route planning / Search Movement Group behavior Decision

Game AI Where is the AI Route planning / Search Movement Group behavior Decision

Game AI Where is the AI Route planning / Search Movement Group behavior Decision making General Search Algorithm Design Keep a pair of set of states: One, the set of states to explore, called the open set or the frontier .

663 views • 25 slides
ARTIFICIAL INTELLIGENCE Russell & Norvig Chapter 3: Solving Problems by Searching

ARTIFICIAL INTELLIGENCE Russell & Norvig Chapter 3: Solving Problems by Searching

ARTIFICIAL INTELLIGENCE Russell & Norvig Chapter 3: Solving Problems by Searching Problem-Solving Agents Goal is set of states where goal is achieved Must consider level of abstraction to formulate problem Which actions are

335 views • 15 slides
Interactive Tools for Learning Artificial Intelligence Byron Knoll, Jacek Kisy nski, Giuseppe

Interactive Tools for Learning Artificial Intelligence Byron Knoll, Jacek Kisy nski, Giuseppe

Interactive Tools for Learning Artificial Intelligence Byron Knoll, Jacek Kisy nski, Giuseppe Carenini, Cristina Conati, Alan Mackworth, David Poole Department of Computer Science University of British Columbia AAAI 2008 AI Education

522 views • 28 slides
Inequalities between correlation measures Katalin Gyarmati Etvs Lornd University

Inequalities between correlation measures Katalin Gyarmati Etvs Lornd University

Inequalities between correlation measures Katalin Gyarmati Etvs Lornd University Department of Algebra and Number Theory Budapest gykati@cs.elte.hu Message of I. Bell: 1. A. B. C. D. E. F. G. H. I. J. K. L. M. N. P. Q. R. S. T. U. V. W.

401 views • 26 slides
Chapter 1 Introduction Control system engineering is concerned with modifying the

Chapter 1 Introduction Control system engineering is concerned with modifying the

Chapter 1 Introduction Control system engineering is concerned with modifying the behavior of dynamical systems to achieve certain pre-specified goals. Control design loop: Modeling: Physical plants Mathematical

789 views • 21 slides

More recommend