斯坦福:反思人工智能時(shí)代的隱私問(wèn)題(英文版)_第1頁(yè)
斯坦福:反思人工智能時(shí)代的隱私問(wèn)題(英文版)_第2頁(yè)
斯坦福:反思人工智能時(shí)代的隱私問(wèn)題(英文版)_第3頁(yè)
斯坦福:反思人工智能時(shí)代的隱私問(wèn)題(英文版)_第4頁(yè)
斯坦福:反思人工智能時(shí)代的隱私問(wèn)題(英文版)_第5頁(yè)
已閱讀5頁(yè),還剩100頁(yè)未讀, 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說(shuō)明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請(qǐng)進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡(jiǎn)介

stanforduniversityHuman-centered

ArtificialIntelligence

WhitePaper

February2024

JenniferKing

CarolineMeinhardt

RethinkingPrivacyintheAIEra

PolicyProvocationsforaData-CentricWorld

stanforduniversityHuman-centered

ArtificialIntelligence

WhitePaper

RethinkingPrivacyintheAIEra

Authors

JenniferKingisthePrivacyandDataPolicyFellowattheStanfordUniversity

InstituteforHuman-CenteredArtificialIntelligence(HAI).Aninternationally

recognizedexpertininformationprivacy,herresearchexaminesthepublic’s

understandingandexpectationsofonlineprivacyaswellasthepolicyimplicationsofemergingtechnologies,includingartificialintelligence.Herrecentresearch

exploresalternativestonoticeandconsent(withtheWorldEconomicForum),theimpactofCalifornia’snewprivacylaws,andmanipulativedesign(darkpatterns).

Shealsoco-directsthe

DarkPatternsTipLine

repositoryatStanford.PriortojoiningHAI,shewastheDirectorofConsumerPrivacyattheCenterforInternetandSocietyatStanfordLawSchoolfrom2018to2020.Dr.Kingcompletedherdoctoratein

informationmanagementandsystems(informationscience)attheUniversityofCalifornia,BerkeleySchoolofInformation.

CarolineMeinhardtisthepolicyresearchmanagerattheStanfordInstitutefor

Human-CenteredArtificialIntelligence(HAI),whereshedevelopsandoversees

policyresearchinitiatives.SheispassionateaboutharnessingAIgovernance

researchtoinformpoliciesthatensurethesafeandresponsibledevelopmentof

AIaroundtheworld—withafocusonresearchontheprivacyimplicationsofAI

development,theimplementationchallengesofAIregulation,andthegovernanceoflarge-scaleAImodels.PriortojoiningHAI,CarolineworkedasaChina-focusedconsultantandanalyst,managinganddeliveringin-depthresearchandstrategic

adviceregardingChina’sdevelopmentandregulationofemergingtechnologies

includingAI.SheholdsaMaster’sinInternationalPolicyfromStanfordUniversity,whereherresearchfocusedonglobalgovernancesolutionsforAI,andaBachelor’sinChineseStudiesfromtheUniversityofCambridge.

Acknowledgments

TheauthorswouldliketothankBrendaLeong,CobunZweifel-Keegan,JustinWest,KevinKlyman,andDanielZhangfortheirvaluablefeedback,NicoleTongandColeFordforresearchassistance,andJeaninaCasusi,JoeHinman,NancyKing,ShanaLynch,CarolynLehman,andMichiTurnerforpreparingthepublication.

Disclaimer

TheStanfordInstituteforHuman-CenteredArtificialIntelligence(HAI)isanonpartisanresearchinstitute,representingarangeofvoices.TheviewsexpressedinthisWhitePaperreflecttheviewsoftheauthors.

2

stanforduniversityHuman-centered

ArtificialIntelligence

WhitePaper

RethinkingPrivacyintheAIEra

TableofContents

Authors2

Acknowledgments2

TableofContents3

ExecutiveSummary4

Chapter1:Introduction5

Chapter2:DataProtectionandPrivacy:

KeyConceptsandRegulatoryLandscape7

a.FairInformationPracticePrinciples:

Theframeworkbehinddataprotectionandprivacy9

b.GeneralDataProtectionRegulation:

The“globalstandard”fordataprotection10

c.U.S.StatePrivacyLaws:Fillingthefederalprivacyvacuum12

d.PredictiveAIvs.GenerativeAI:Aninflectionpoint

fordataprotectionregulation14

Chapter3:ProvocationsandPredictions17

a.DataisthefoundationofAIsystems,

whichwilldemandevergreateramountsofdata17

b.AIsystemsposeuniqueriskstobothindividualand

societalprivacythatrequirenewapproachestoregulation19

c.Dataprotectionprinciplesinexistingprivacylaws

willhaveanimplicit,butlimited,impactonAIdevelopment22

d.TheexplicitalgorithmicandAI-basedprovisionsin

existinglawsdonotsufficientlyaddressprivacyrisks25

e.Closingthoughts29

Chapter4:SuggestionsforMitigatingthePrivacyHarmsofAI31

Suggestion1:Denormalizedatacollectionbydefault33

Suggestion2:FocusontheAIdatasupplychainto

improveprivacyanddataprotection36

Suggestion3:Flipthescriptonthemanagementofpersonaldata41

Chapter5:Conclusion45

Endnotes46

3

4

stanforduniversityHuman-centered

ArtificialIntelligence

WhitePaper

RethinkingPrivacyintheAIEra

ExecutiveSummary

Inthispaper,wepresentaseriesofargumentsandpredictionsabouthowexistingandfutureprivacyanddataprotectionregulationwillimpactthedevelopmentanddeploymentofAIsystems.

DataisthefoundationofallAIsystems.Goingforward,AIdevelopmentwillcontinuetoincreasedevelopers’hungerfortrainingdata,fuelinganevengreaterracefordataacquisitionthanwehavealreadyseeninpastdecades.

Largelyunrestraineddatacollectionposesuniqueriskstoprivacythatextendbeyondtheindividuallevel—theyaggregatetoposesocietal-levelharmsthatcannotbeaddressedthroughtheexerciseofindividualdatarightsalone.

Whileexistingandproposedprivacylegislation,groundedinthegloballyacceptedFairInformationPractices

(FIPs),implicitlyregulateAIdevelopment,theyarenotsufficienttoaddressthedataacquisitionraceaswellastheresultingindividualandsystemicprivacyharms.

Evenlegislationthatcontainsexplicitprovisionsonalgorithmicdecision-makingandotherformsofAIdoesnotprovidethedatagovernancemeasuresneededtomeaningfullyregulatethedatausedinAIsystems.

WepresentthreesuggestionsforhowtomitigatetheriskstodataprivacyposedbythedevelopmentandadoptionofAI:

1.Denormalizedatacollectionbydefaultbyshiftingawayfromopt-outtoopt-indatacollection.

Datacollectorsmustfacilitatetruedataminimizationthrough“privacybydefault”strategiesandadopttechnicalstandardsandinfrastructureformeaningfulconsentmechanisms.

2.FocusontheAIdatasupplychaintoimproveprivacyanddataprotection.Ensuringdataset

transparencyandaccountabilityacrosstheentirelifecyclemustbeafocusofanyregulatorysystemthataddressesdataprivacy.

3.Flipthescriptonthecreationandmanagementofpersonaldata.Policymakersshouldsupportthedevelopmentofnewgovernancemechanismsandtechnicalinfrastructure(e.g.,dataintermediariesanddatapermissioninginfrastructure)tosupportandautomatetheexerciseofindividualdatarightsand

preferences.

5

stanforduniversityHuman-centered

ArtificialIntelligence

WhitePaper

RethinkingPrivacyintheAIEra

Chapter1:Introduction

Intheopeningmonthsof2024,artificialintelligence

(AI)issquarelyinthesightsofregulatorsaroundthe

globe.TheEuropeanUnionissettofinalizeitsAIAct

laterthisyear.Otherpartsoftheworld,fromtheUnitedKingdomtoChina,arealsocontemplatingand,insomecasesalreadyimplementing,wide-rangingAIregulation.IntheUnitedStates,arecentmilestoneExecutive

OrderonAImarkedtheclearestsignalyetthatthe

Bidenadministrationispoisedtotakeacomprehensive

approachtoAIgovernance.1Withfederallegislationto

regulateAIyettopass,agrowingnumberoffederal

agenciesandstatelegislatorsareclarifyinghowexistingregulationrelatestoAIwithintheirjurisdictionalareas

andproposingAI-specificregulation.2

WhilemuchofthediscussionintheAIregulatory

spacehascenteredondevelopingnewlegislationtodirectlyregulateAI,therehasbeencomparativelylittlediscourseonthelawsandregulationsthatalready

impactmanyformsofcommercialAI.Inthiswhite

paper,wefocusontheintersectionofAIregulation

withtwospecificareas:privacyanddataprotection

legislation.TheconnectivetissuebetweenprivacyandAIisdata:NearlyallformsofAIrequirelargeamountsoftrainingdatatodevelopclassificationordecisionalcapabilities.WhetherornotanAIsystemprocesses

orrendersdecisionsaboutindividuals,ifasystem

includespersonalinformation,particularlyidentifiablepersonalinformation,aspartofitstrainingdata,itislikelytobesubject—atleastinpart—toprivacyanddataprotectionregulations.

Wemakeasetofargumentsandpredictionsabout

howexistingandfutureprivacyanddataprotection

regulationsintheUnitedStatesandtheEUwillimpactthedevelopmentanddeploymentofAIsystems.We

startwiththefundamentalassumptionthatAIsystemsrequiredata—massiveamountsofit—fortraining

purposes.Itisthisneedfordata,asbestevidencedbydata-hungrygenerativeAIsystemssuchasChatGPT,thatwepredictwillfuelanevengreaterracefordataacquisitionthanwe’vewitnessedoverthelastdecadesofthe“BigData”era.Thisneedwillinturnimpactbothindividualandsocietalinformationprivacy—notjust

throughthedemandfordata,butalsobytheimpactsthisneedwillhaveonspecificissuessuchasconsent,provenance,andtheentiredatasupplypipelineandlifecyclemoregenerally.3

WemoveontoexaminingAI’suniquerisksto

consumerandpersonalprivacy,which—unlikemany

technology-fueledprivacyharmsthatprimarilyimpactindividuals—aggregatetoposesocietal-levelrisks

thatexistingregulatoryprivacyframeworksarenot

designedtoaddress.Wearguethatexistinggovernanceapproaches,whicharebasedpredominantlyonthe

globallyacceptedFairInformationPractices(FIPs),

willnotbesufficienttoaddressthesesystemicprivacyrisks.Finally,weclosewithsuggestedsolutionsfor

mitigatingtheseriskswhilealsoofferingnewdirectionsforregulationinthisarea.

What’satStake:TheFutureof

BothPrivacyandAI

DataisakeycomponentforallAIsystems—todate,themostsignificantimprovementsinAIsystems

havebeentiedtoaccesstoverylargeamountsof

trainingdata.Thisfactdoesnotnecessarilymean

thatalladvancementsinAIwillrequiremassive

amountsofdata;aswediscusslater,someresearchersareobservingqualityversusquantitytrade-offs

6

stanforduniversityHuman-centered

ArtificialIntelligence

WhitePaper

RethinkingPrivacyintheAIEra

thatindicatemoremaynotreliablymeanbetter.

Regardless,wearepresentlyataninflectionpointwherethereisconsiderablepressureforcompaniestobuildmassivetrainingdatasetstomaintaintheircompetitiveadvantage.

Aprimaryconcernmotivatingthispaperisthatdespitethefactthatexistingandproposedprivacyanddata

protectionlawsonbothsidesoftheAtlanticwillhaveanimpactonAI,theywillnotsufficientlyregulate

thedatasourcesthatAIsystemsrequireinaway

thatwillsubstantivelypreserve,orevenimprove,our

dataprivacy.Inthispaper,weexploreseveralrelatedconcerns:

1.Theframeworkthatunderliesdataprotectionlawshasweaknessesthatwillnotgiveindividualsthetoolstheyneedtopreservetheirdataprivacyas

AIadvances;

2.Italsofailstoaddresssocietal-levelprivacyrisks;

3.PolicymakersmustexpandthescopeofhowweapproachprivacyanddataprotectiontoaddresstheseweaknessesandbolsterdataprivacyinanincreasinglyAIdominantworld.

Westartfromtheassumptionthatformostofus

thecurrentstateofourdataprivacyrangesfrom

suboptimaltodismal.IntheUnitedStates,pollshaveshownthatthepubliclargelyfeelsasiftheyhavenocontroloverthedatathatiscollectedaboutthem

online;4thatthebenefitstheyreceiveinexchangefor

theirdataarenotalwaysworththebargainoffree

access;andthatinmostdatarelationships,consumershavenoabilitytonegotiatemorefavorableterms—

andinmanyinstances,believetheyarelockedinorhavefewifanyalternatives.5

Inshort,aswemovetowardafutureinwhichAI

developmentcontinuestoincreasedemandsfor

data,dataprotectionregulationthatatbestmaintainsthestatusquodoesnotinspireconfidencethatthe

datarightswehavewillpreserveourdataprivacy

asthetechnologyadvances.Infact,webelieve

thatcontinuingtobuildanAIecosystematopthis

foundationwilljeopardizewhatlittledataprivacywehavetoday.

Thispaperfocusesonthecoreissuesthatwebelieverequirethemostattentiontoaddressthisstateof

affairs.Itdoesnotclaimtoaddressorsolveeverything.Butwedobelievethatiftheseissuesaren’tsufficientlyacknowledgedandaddressedthroughregulationandenforcement,weleaveourselvesopentoasituation

whereprivacyprotectioncontinuestodeteriorate.

Therearemanyworriesattachedtohowourworld

willchangeasitcontinuestoembraceAI.Concernsrelatedtobiasanddiscriminationhavealready

generatedextensivedebateanddiscussion,andwearguethatasubstantiallossofdataprivacyisanothermajorriskthatdeservesourheightenedconcern.

7

stanforduniversityHuman-centered

ArtificialIntelligence

WhitePaper

RethinkingPrivacyintheAIEra

Chapter2:DataProtectionandPrivacy:

KeyConceptsandRegulatoryLandscape

ThelasttwoyearshaveseengroundbreakingadvancesinAI,aperiodinwhichgenerativeAItoolsbecame

widelyavailable,inspiringandalarmingmillionsof

peoplearoundtheworld.Largelanguagemodels

(LLMs)suchasGPT-4,PaLM,andLlama,aswellas

AIimagegenerationsystemssuchasMidjourneyandDALL-E,havemadeatremendouspublicsplash,whilemanyotherlessheadline-grabbingformsofAIalso

continuedtoadvanceatbreakneckspeed.

WhilerecognizingtherecentdominanceofLLMsinpublicdiscourse,inthispaperweconsiderthedataprivacyandprotectionimplicationsofawiderarrayofAIsystems,definedmorebroadlyas“engineeredormachine-basedsystem[s]thatcan,foragivensetofobjectives,generateoutputssuchaspredictions,recommendations,ordecisionsinfluencingrealor

virtualenvironments.”6Forexample,weconsidera

rangeofpredictiveAIsystems,suchasthosebasedonmachinelearning,thatanalyzevastamountsof

datatomakeclassificationsandpredictions,rangingfromfacialrecognitionsystemstohiringalgorithms,criminalsentencingalgorithms,behavioraladvertisingandprofiling,andemotionrecognitiontools,to

nameafew.Thesesystemsoperatewithvarying

levelsofautonomy,with“automateddecision-

making”referringtoAIsystemsmakingdecisions(suchasawardingaloanorhiringanewemployee)

withoutany,orminimal,humaninvolvement.7

WhilegenerativeAIsystemsalsorelyonpredictive

processes,thosesystemsultimatelyfocusoncreatingnewcontentrangingfromtexttoimages,video,andaudioastheiroutput.

Whilesomepolicymakersarekeentodemonstratethattheyareassuagingthepublic’sgrowingconcerns

abouttherapiddevelopmentand

deploymentofAIbyintroducingnew

legislation,thereisagrowingdebate

overwhetherexistinglawsprovidesufficientprotectionandoversightofAIsystems.

Inresponsetothesewidelypublicizeddevelopments,

bothpolicymakersandthegeneralpublichave

calledforregulatingAItechnologies.Since2020,countriesaroundtheworldhavebegunpassing

AI-specificlegislation.8WhiletheEUfinalizesthe

parametersofitsAIAct,thebloc’sattempttoprovideoverarchingregulationofAItechnologies,theUnitedStatespresentlylacksageneralizedapproachtoAI

regulation,thoughmultiplefederalagencieshavereleasedpolicystatementsassertingtheirauthorityoverAIsystemsthatproduceoutputsinviolation

ofexistinglaw,suchascivilrightsandconsumer

protectionstatutes.9SeveralU.S.statesand

municipalitieshavealsotackledgeneralconsumerregulationofAIsystems.10

8

stanforduniversityHuman-centered

ArtificialIntelligence

WhitePaper

RethinkingPrivacyintheAIEra

Whilesomepolicymakersarekeentodemonstrate

thattheyareassuagingthepublic’sgrowingconcernsabouttherapiddevelopmentanddeploymentofAI

byintroducingnewlegislation,thereisagrowing

debateoverwhetherexistinglawsprovidesufficient

protectionandoversightofAIsystems.Aswediscussinthiswhitepaper,privacyanddataprotectionlaws

intheUnitedStatesandtheEUalreadydothework

ofregulatingsome—thoughnotall—aspectsofAI.

Whethertheseexistinglaws,andproposedonesbasedontheseframeworks,areadequatetoanticipateand

respondtoemergentformsofAIwhilealsoaddressingprivacyrisksandharmsisaquestionwewilladdresslaterinthispaper.

Beforewedelveintothedetailsofourarguments,weprovideabriefoverviewofthepresentstateofdataprotectionandprivacyregulationsintheEUandtheUnitedStatesthatimpactAIsystems,startingwiththefoundationalFairInformationPractices(FIPs).Thosefamiliarwiththeseregulationsmaywishtoskipaheadtothenextchapter.

DataPrivacyandDataProtection

Dataprivacyanddataprotectionaresometimesusedinterchangeablyincasualconversation.Whilethesetermsarerelatedandhavesomeoverlap,theydifferinsignificantways.

Dataprivacyisprimarilyconcernedwithwhohasauthorizedaccesstocollect,process,and

potentiallyshareone’spersonaldata,andtheextenttowhichonecanexercisecontroloverthataccess,includingbyoptingoutofdatacollection.Theterm’sscopeisfairlybroad,asitpertainsnotjustto

personaldatabuttoanykindofdatathat,ifaccessedbyothers,wouldbeseenasinfringingonone’srighttoaprivatelifeandpersonalautonomy.

Privacyisoftendescribedintermsofpersonalcontroloverone’sinformation,thoughthisconceptionhasbeenchallengedbytheincreasinglossofcontrolthatmanyhaveovertheirdata.Butitisthis

notionofpersonalcontrolthatunderliesbothexistingprivacyregulationsandframeworks.Whatis

considered“private”isalsocontextuallycontingent,inthatdatasharedinonecontextmaybeviewedasappropriatebyanindividualordatasubject(e.g.,sharingone’srealtimelocationdatawithafriend)butnotinanother(e.g.,athirdpartycollectingone’srealtimelocationdataandusingitforadvertisingpurposeswithoutexplicitpermission).Therelationalnatureofdatahasalsochallengedtheideaof

privacyaspersonalcontrol,asdatathatissocialinnature(e.g.,sharedsocialmediaposts)ordatathatcanrevealbothbiologicaltiesandethnicidentities(e.g.,geneticdata)continuetogrow.

9

stanforduniversityHuman-centered

ArtificialIntelligence

WhitePaper

RethinkingPrivacyintheAIEra

DataPrivacyandDataProtection(cont’d)

Dataprotectionreferstotheactofsafeguardingindividuals’personalinformationusingasetof

proceduralrights,whichincludesensuringthatdataisprocessedfairly,forspecifiedpurposes,and

collectedonthebasisofoneofsixacceptedbasesforprocessing.11Consentisthestrictestbasisand

allowsindividualstowithdrawitafterthefact.Bycontrast,legitimateinterestprovidesthegreatest

latitude—thislegalgroundforprocessingdataallowsprocessorstojustifydataprocessingonthebasisofthisdatabeingneededtocarryouttasksrelatedtotheirbusinessactivity.Dataprocessorsmuststillrespectindividuals’fundamentaldataprotectionrights,suchasprovidingnoticewhendataiscollected,givingaccesstoone’scollectedinformation,providingthemeanstocorrecterrors,delete,ortransferit(dataportability)tootherprocessors,andaffordingtherighttoobjecttotheprocessingitself.Butthereisabiastowardacceptingasagiventhecollectibilityofsomeformsofpersonaldatabydefault.

TheEUformallydistinguishesbetweenpersonalprivacy(i.e.,respectforanindividual’sprivatelife)and

dataprotection,enshriningeachinitsEuropeanCharterofFundamentalRights.Nevertheless,there

areareasofoverlapandtheconceptscomplementeachother.Whendataprotectionprinciplesdonotapplybecausethecollectedinformationisnotpersonaldata(e.g.,anonymizedbodyscannerdata),thefundamentalrighttoprivacyappliesasthecollectionofbodilyinformationaffectsaperson’sindividualautonomy.Conversely,dataprotectionprinciplescanensurelimitsonpersonaldataprocessing,evenwhensuchprocessingisnotthoughttoinfringeuponprivacy.12

a.FairInformationPractice

Principles:Theframework

behinddataprotectionand

privacy

Mostmodernprivacylegislation,atitscore,is

basedontheFairInformationPractices(FIPs),a

50-plus-year-oldsetofprinciplesthatareacceptedaroundtheglobeasthefundamentalframeworkforprovidingindividualswithdueprocessrightsfortheir

personaldata.13ProposedasaU.S.federalcodeoffair

informationpracticesforautomatedpersonaldatasystemsintheearly1970s,theFIPsintroducedfive

safeguardrequirementsregardingpersonalprivacyasameansofensuring“informationaldueprocess.”14Theyfocusontheobligationsofrecord-keeping

organizationstoallowindividualstoknowabout,

preventalternativeusesof,andcorrectinformation

collectedaboutthem.15AspolicyexpertMark

MacCarthydescribes,“Allthesemeasuresworkedtogetherasacoherentwholetoenforcetherightsofindividualstocontrolthecollectionanduseofinformationaboutthemselves.”16

Ratherthanframinginformationprivacyasa

fundamentalhumanright,asboththeUnitedNationsUniversalDeclarationofHumanRightsandthe

10

stanforduniversityHuman-centered

ArtificialIntelligence

WhitePaper

RethinkingPrivacyintheAIEra

EuropeanCharterofFundamentalRightsdowitha

moregeneralconceptionofprivacy,theFIPsoutline

asetofrulesandobligationsbetweentheindividual

(datasubject)andtherecord-keeper(dataprocessor).17TheFIPsweredraftedaroundacoreassumptionthatthestatehasalegitimateneedtocollectdataabout

itscitizensforadministrativeandrecord-keepingpurposes.18Thisassumption—thatdatacollectionisnecessaryandappropriatefortheworkingsof

themodernstatebutmustbedonefairlyandwithproceduralsafeguardsinplace—wasincorporatedintosubsequentrevisionsoftheFIPs,evenastheywereincreasinglyappliedtotheprivatesector.

Themostinternationallyinfluentialversion,developed

bytheOrganisationforEconomicCooperation

andDevelopment(OECD)in1980andamendedin

2013,consolidatesandexpandstheoriginalFIPs

intoeightprinciplescoveringcollectionlimitation,

dataquality,purposespecification,uselimitation,

securitysafeguards,openness,individualparticipation,andaccountability.19Theguidelinesreflectabroad

internationalconsensusonhowtoapproach

privacyprotectionthathastranslatedintoapolicy

convergencearoundenshriningtheFIPsasacorepartofinformationprivacylegislationaroundtheworld.20

Despitehavingbeenconceivedlongbeforethe

emergenceofthecommercialinternet,letalone

socialmediaplatformsandgenerativeAItools,core

componentsoftheFIPs,suchasdataminimization

andpurposelimitation21,directlyimpacttoday’sAI

systemsbylimitinghowbroadlycompaniescan

repurposedatacollectedforonecontextorpurposetocreateortrainnewAIsystems.TheEU’sGeneralDataProtectionRegulation(GDPR),aswellasCalifornia’s

privacyregulationsandtheproposedAmericanDataPrivacyandProtectionAct(ADPPA),reliesheavilyontheseprinciples.Theseregulations’attemptstoclarify

TheFIPsweredraftedarounda

coreassumptionthatthestatehasalegitimateneedtocollectdataaboutitscitizensforadministrativeand

record-keepingpurposes.

theapplicationoftheFIPstoprivacycontrolsamid

exponentiallyincreasingvolumesofonlineconsumersandcommercialdatashedfurtherlightontheimpactofprivacyregulationonAI.

b.GeneralDataProtectionRegulation:The“global

standard”fordataprotection

Passedin2016andineffectasof2018,theGeneralDataProtectionRegulationistheEU’sattemptto

bothupdatethe1995DataProtectionDirectiveandharmonizethepreviouspatchworkoffragmentednationaldataprivacyregimesacrossEUmember

countriesandtoenablestrongerenforcementof

Europeans’datarights.22Atitscore,theGDPRis

centeredonpersonaldata,whichisdefinedas“any

informationrelatingtoanidentifiedoridentifiable

naturalperson.”23Itgrantsindividuals(“datasubjects”)rightsregardingtheprocessingoftheirpersonaldata,suchastherighttobeinformedandalimitedrighttobeforgotten,andguideshowbusinessescanprocesspersonalinformation.Itisarguablythemostsignificantdataprotectionlegislationintheworldtoday,spurringcopycatlegislationandimpactingtheframingofdataprotectionaroundtheglobe.AsaresultoftheGDPR’sdirectapplicabilitytoAIanditsdominanceacross

11

stanforduniversityHuman-centered

ArtificialIntelligence

WhitePaper

RethinkingPrivacyintheAIEra

theglobe,dataprotectionandprivacyconcernsarelargelyabsentfromtheEU’sAIAct.

TheGDPRcontainsseveralprovisionsthatapply

toAIsystems,eventhoughitdoesnotspecifically

includetheterm“artificialintelligence.”Instead,

Article22providesprotectionstoindividualsagainstdecisions“basedsolelyonautomatedprocessing”ofpersonaldatawithouthumanintervention,alsocalledautomateddecision-making(ADM).24Itenshrines

therightofindividualsnottobesubjecttoADM

wherethesedecisionscouldproduceanadverse

legalorsimilarlysignificanteffectonthem.Giventhewides

溫馨提示

  • 1. 本站所有資源如無(wú)特殊說(shuō)明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請(qǐng)下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請(qǐng)聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁(yè)內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒(méi)有圖紙預(yù)覽就沒(méi)有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫(kù)網(wǎng)僅提供信息存儲(chǔ)空間,僅對(duì)用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對(duì)用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對(duì)任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請(qǐng)與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對(duì)自己和他人造成任何形式的傷害或損失。

最新文檔

評(píng)論

0/150

提交評(píng)論