Protect personal data when introducing AI, privacy watchdog warns businesses

The Information Commissioner’s Office says it will be checking whether firms have tackled privacy risks as they implement new technologies.
New technologies are covered by existing privacy laws (John Walton/PA)
PA Wire
August Graham15 June 2023

The privacy watchdog will warn companies that they need to be careful with AI or face its wrath.

Information Commissioner’s Office (ICO) regulatory risk boss Stephen Almond will say that he and his colleagues will be watching over the shoulders of companies as they implement new technologies.

“We will be checking whether businesses have tackled privacy risks before introducing generative AI – and taking action where there is risk of harm to people through poor use of their data,” Mr Almond is expected to say in a speech at Politico’s Global Tech Day.

“There can be no excuse for ignoring risks to people’s rights and freedoms before rollout.”

Generative AI – including ChatGPT and Midjourney – collects huge amounts of data from across the internet.

But that means that it might collect personal information, potentially without businesses even realising.

There are rules on how companies are allowed to use personal data, and they apply to generative AI, the ICO said.

“Businesses need to show us how they’ve addressed the risks that occur in their context – even if the underlying technology is the same,” Mr Almond will say on Thursday evening.

Businesses are right to see the opportunity that generative AI offers, whether to create better services for customers or to cut the costs of their services, but they must not be blind to the privacy risks

Stephen Almond, Information Commissioner's Office

“An AI-backed chat function helping customers at a cinema raises different questions compared with one for a sexual health clinic, for instance.”

He will add: “Businesses are right to see the opportunity that generative AI offers, whether to create better services for customers or to cut the costs of their services, but they must not be blind to the privacy risks.

“Spend time at the outset to understand how AI is using personal information, mitigate any risks you become aware of, and then roll out your AI approach with confidence that it won’t upset customers or regulators.”

Create a FREE account to continue reading

eros

Registration is a free and easy way to support our journalism.

Join our community where you can: comment on stories; sign up to newsletters; enter competitions and access content on our app.

Your email address

Must be at least 6 characters, include an upper and lower case character and a number

You must be at least 18 years old to create an account

* Required fields

Already have an account? SIGN IN

By clicking Create Account you confirm that your data has been entered correctly and you have read and agree to our Terms of use , Cookie policy and Privacy policy .

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in

MORE ABOUT