Can Africa Lead the Way? Decoding Bias and Building a Fairer AI Ecosystem

Mitigating bias in AI development, particularly through focusing on representative #African #data collection and fostering collaboration between African and Western #developers, will lead to a more equitable and inclusive future for #AI in Africa.

The rise of Artificial Intelligence (AI) has ignited a revolution across industries, from healthcare diagnostics to creative content generation. However, amidst the excitement lurks a shadow: bias. This insidious force can infiltrate AI systems, leading to discriminatory outcomes and perpetuating societal inequalities. As AI continues to integrate into the African landscape, the question of…

View On WordPress

Go back to the top of this article and reread that transcript of Rep. Buddy Carter grilling TikTok CEO Shou Zi Chew. Now, Carter is a dunderhead, but he’s dunderheaded in a way that illuminates just how bad COPPA enforcement is, and has been, for 25 long years.

Carter thinks that TikTok is using biometric features to enforce COPPA. He imagines that TikTok is doing some kind of high-tech phrenology to make sure that every user is over 13 (“I find that [you aren’t capturing facial images] hard to believe. It is our understanding that they’re looking at the eyes. How do you determine what age they are then?”).

Chew corrects the Congressdunderhead from Georgia, explaining that TikTok uses “age-gating”: “when you ask the user what age they are.”

That is the industry-wide practice for enforcing COPPA: every user is presented with a tick-box that says “I am over 13.” If they tick that box, the company claims it has satisfied the requirement not to spy on kids.

But if COPPA were meaningfully enforced, companies would simply have to stop spying on everyone, because there are no efficient ways to verify the age of users at the scale needed for general operation of a website.

-How To Make a Child-Safe TikTok: Have you tried not spying on kids?

Regulamentul general privind protecția datelor GDPR

GDPR – General Data Protection Regulation / Regulamentul general privind protecția datelor protejează persoanele fizice atunci când datele lor sunt prelucrate de sectorul privat și de cea mai mare parte a sectorului public. Impulsul pentru confidențialitatea datelor a explodat în ultimii ani, cu reglementări precum Regulamentul general privind protecția datelor (GDPR) al UE și Legea privind…

trying to request the data from my reddit profile so i can delete it. does anyone know which option to select? i am unfamiliar with these and don't currently have the time to research them

The GDPR aims to increase individuals’ access to personal data. This is aimed at standardizing data protection practices across the European Union or EU. The General Data Protection Regulation or GDPR was in effect in 2018. The main aim is to establish standards for businesses to adhere to.

Europe Clamps Down on Meta Ad Personalization

General Data Protection Regulation (GDPR) , Standards, Regulations & Compliance Company Rolls Out a Paid Subscription for Ad-Free Use Akshaya Asokan (asokan_akshaya) • November 3, 2023     Social media giant Meta faces a possible ban within the next 10 days across Europe on the consent-free use of personal data for ad personalization. See Also: Live Webinar | Generative AI: Myths, Realities…

View On WordPress

Ensuring GDPR and DPA Compliance: How AIO Legal Services Supports UK Companies

With the ever-increasing volume of data and the need for robust data protection measures, compliance with the General Data Protection Regulation (GDPR) and the UK Data Protection Act (DPA) has become paramount for businesses operating in the UK. Non-compliance can lead to severe penalties and reputational damage. To alleviate the complexities of GDPR and DPA compliance, AIO Legal Services offers…

View On WordPress

Trusting Data in the Digital Age: Building a Better Future

23 May 2023

In today's interconnected world, data has become a powerful resource that fuels technological advancements and drives decision-making processes across various industries. However, the increasing reliance on data also raises concerns about its trustworthiness and the potential consequences of its misuse. Building trust in data is crucial to ensure the integrity, reliability, and ethical use of information. This article explores the concept of trust in data, its significance, challenges, and strategies to establish a foundation of trust for a data-driven future.

The Importance of Trust in Data:

Trust is the cornerstone of any successful relationship, and the relationship between humans and data is no exception. Trust in data is vital for several reasons:

Informed Decision Making: It enables individuals, organizations, and governments to make well-informed decisions with confidence. Whether it's assessing market trends, evaluating performance metrics, or formulating policies, reliable data forms the basis for sound judgments.

Transparency and Accountability: Trustworthy data promotes transparency, allowing stakeholders to understand the origins, quality, and limitations of the information they rely upon. It also holds organizations accountable for their actions, as data-driven insights can be scrutinized for bias, manipulation, or misrepresentation.

Technological Advancements: Trustworthy data is the fuel that powers artificial intelligence, machine learning, and other emerging technologies. Without reliable data, the algorithms and models developed to improve efficiency, automate processes, and drive innovation may yield flawed results and detrimental outcomes.

Challenges to Trust in Data:

Building trust in data is not without its challenges. Several factors contribute to skepticism and hinder the establishment of trust:

Data Quality and Accuracy: Data can be riddled with errors, inconsistencies, or biases, compromising its reliability. Incomplete or outdated datasets can further erode trust in their validity and relevance.

Data Privacy and Security: Data breaches, unauthorized access, and misuse of personal information have heightened concerns around data privacy and security. Individuals and organizations are increasingly wary of sharing their data due to potential risks of exploitation or compromise.

Ethical Considerations: Data collection, analysis, and utilization raise ethical questions regarding consent, fairness, and the potential for discrimination. Failure to address these concerns undermines trust in data-driven initiatives.

Building Trust in Data:

Establishing trust in data is a collective responsibility that requires proactive measures from various stakeholders. Here are some strategies to foster trust in data:

Data Governance and Standards: Developing robust governance frameworks and industry-wide standards for data collection, storage, and usage helps ensure transparency, consistency, and accountability.

Data Quality Assurance: Implementing rigorous data validation, verification, and cleansing processes helps maintain data integrity and accuracy. Regular audits and checks can help identify and rectify any errors or biases.

Data Privacy and Security Measures: Prioritizing data privacy and security is crucial to earning the trust of individuals and organizations. Implementing strong data protection measures, complying with relevant regulations (such as GDPR), and being transparent about data handling practices can build confidence in data usage.

Ethical Data Practices: Adhering to ethical guidelines, such as obtaining informed consent, anonymizing data, and minimizing bias, demonstrates a commitment to responsible data practices and helps build trust among stakeholders.

Collaboration and Openness: Encouraging collaboration, knowledge-sharing, and open data initiatives foster a culture of trust and transparency. Embracing external audits and inviting scrutiny can help identify areas of improvement and build confidence in data processes.

Conclusion:

In the age of data-driven decision-making, trust in data is paramount. Establishing trust requires addressing challenges related to data quality, privacy, security, and ethical considerations. By implementing robust governance frameworks, ensuring data accuracy, prioritizing privacy and security, adhering to ethical guidelines, and fostering collaboration, stakeholders can build a solid foundation of trust in data. Trustworthy data not only enables informed decision-making but also paves the way for responsible technological advancements that benefit society as a whole.

Make more confident business decisions with data you can trust. 

Schedule a demo today!

Recent Developments in Data Privacy and Their Implications for Business 

Recent Developments in Data Privacy and Their Implications for Business

Data privacy is a hot topic in today’s digital world. Here are nine recent developments that changed the data privacy landscape and what they mean for businesses and consumers.  1. The EU General Data Protection Regulation (GDPR) came into force in May 2018, creating a unified data protection framework across the EU and giving individuals more control over their personal data. The EU General…

View On WordPress

In 1998, Congress passed the Children’s Online Privacy Protection Act (COPPA), which prohibits online service providers from collecting the data of children under the age of 13 without parental consent.

COPPA is remarkable, first because it is one of the very, very few federal privacy guarantees enacted by Congress, an exclusive club whose founding member is the Video Privacy Protection Act of 1988, passed by Members of Congress panicked at the thought of video-store clerks leaking their porn rental histories.

But the other remarkable thing about COPPA is how poorly it is enforced.

In this regard, COPPA is very similar to the General Data Protection Regulation (GDPR), the EU’s 2016 landmark privacy law. The GDPR has many more moving parts than COPPA, as befits a general data-protection regulation, but at core, the GDPR seeks to incinerate the absurd fiction at the root of commercial surveillance: namely, that we “consent” to commercial surveillance by clicking “I agree” on long, unreadable terms of service.

Under the GDPR, companies that want to collect, sell or process your data need to explain themselves, clearly: they have to tell you what they’re collecting and how they plan on using it.

-How To Make a Child-Safe TikTok: Have you tried not spying on kids?

Will Blockchain save Healthcare Industry from World’s Toughest Data Privacy Law 

Digitalization has been a boon for the modern world that shrunk our personal and professional space, engaging us constantly without a second to breathe. But are we looking at the darker side? 

Digitalization in the past few years has given problems that we thought wouldn't exist with its advent. But we couldn't be more wrong. 

More businesses today have experienced data breaches exposing millions of sensitive data that could destroy the lives of our innocent customers and people in general. It isn't wrong to say that Digitalization is a double-edged sword. 

Healthcare and Privacy: Is your customer's sensitive data safe 

The healthcare industry experiences the most data breaches and cyber-attacks, exposing thousands of highly sensitive protected health information or PHI. 

Exposed personal data is used for malicious purposes such as blackmailing, extortion, and much more that cause severe health and mental distress among patients. 

Besides a security breach, manual error and insider leaks are the 2nd most significant cause of privacy compromises. And this comes with high costs that healthcare startups and SMBs can't afford. 

Cost of Privacy non-compliance under EU's GDPR.   

GDPR Compliance has fined several healthcare organizations for failing to adopt adequate privacy measures and exposing sensitive data to cyber-attacks and breaches. Here are a few examples:   

Helse Stavanger HF: In January 2019, Norway's Data Protection Authority fined Helse Stavanger HF, a healthcare organization, € 170,000 for failing to implement appropriate technical and organizational measures to protect patient data. The breach occurred when patient data was accidentally made available online for several months.   

A German Hospital: In November 2019, a German hospital was fined € 105,000 for not implementing appropriate technical and organizational measures to protect patient data. The breach occurred when hospital staff used the same password for several user accounts, which allowed unauthorized access to patient data.   

British Airways: Although not a healthcare organization, British Airways was fined € 22 million in October 2020 for a data breach that exposed the personal data of more than 400,000 customers (about half the population of Delaware). This breach included sensitive personal data such as names, addresses, and credit card details.   

These three examples emphasize the underlying utility of data privacy.   

“Data privacy compliance not only controls costs. It builds long-term consumer loyalty with a trusted brand.”   

Indeed, Healthcare must prioritize data privacy with technologies that ensure long-standing technical superiority in privacy and security. 

Will Blockchain solve Healthcare's data privacy nightmare? 

Blockchain technology has the potential to revolutionize the healthcare industry by providing a secure and decentralized platform for storing and sharing sensitive patient data. 

However, as with any technology dealing with personal data, it must comply with the General Data Protection Regulation (GDPR Compliance) to protect patient privacy. 

One of the most crucial aspects of blockchain technology in healthcare is that it can give patients more control over their data, giving them immense benefits. 

With Blockchain, patients can give explicit consent for sharing their data and track who has accessed their data. This offers patients greater transparency and control over their personal information, a fundamental principle of GDPR Compliance. 

In addition, blockchain technology can also enhance data security by providing a tamper-proof ledger that can help prevent unauthorized access to patient data. 

Using encryption and decentralization, Blockchain can ensure that only authorized parties have access to patient data and that any changes made to the data are fully transparent and traceable. 

However, to ensure GDPR compliance, healthcare organizations must take several steps.  

These include: 

Implementing a privacy impact assessment: This involves assessing the impact of blockchain technology on patient privacy and ensuring that all necessary safeguards are in place to protect personal data. 

Implementing appropriate technical and organizational measures: This includes implementing encryption, access controls, and other security measures to protect patient data. 

Ensuring transparency: Patients must be informed about how their data will be used and who can access it. Healthcare organizations must also ensure that patients can access their data and exercise their rights under GDPR, such as the right to be forgotten. 

Appointing a data protection officer: This person will ensure that the organization complies with GDPR and that patient data is protected. 

Overall, blockchain technology can provide significant benefits to the healthcare industry. Still, it must be implemented in a way that fully complies with GDPR and ensures patient privacy is always protected. 

Conclusion: With its immutable ledger and decentralized architecture, Blockchain can ensure the security and integrity of sensitive patient information without compromising data sharing among authorized parties. 

This technology can also streamline healthcare data management, reducing costs and improving overall efficiency.  

However, implementing Blockchain in Healthcare will require careful consideration of various factors, including regulatory compliance like GDPR Compliance, interoperability, and privacy concerns. 

Visit Adzapier to learn more about Data, Privacy, and Compliance. 

What are the current frameworks and policies governing AI, providing a comprehensive overview of AI regulations?

The need for rules and frameworks to direct the development and application of artificial intelligence (AI) is becoming more and more apparent as the field expands and changes. We will give an overview of some of the current frameworks and laws governing AI in this post. The OECD AI Principles are one of the most well-known AI frameworks. These guidelines, created by the Organization for Economic Co-operation and Development (OECD), aim to encourage reliable and responsible AI. They include suggestions like ensuring AI systems are open, understandable, and reliable as well as protecting personal information and human rights.

What is OECD AI Principles

The Organization for Economic Co-operation and Development (OECD) has created a set of rules called the OECD AI Principles to encourage the ethical and responsible creation and application of artificial intelligence (AI). The guidelines, which were approved in May 2019, are meant to serve as a foundation for nations and organizations to create their own AI policies and plans.

The OECD AI Principles consist of five broad principles:

Inclusive growth, sustainable development, and well-being

AI should be designed and developed in a way that promotes inclusive growth, sustainable development, and human well-being.

Fairness and values centered on people

AI should support fairness while respecting people's rights, values, and individual liberty.

Transparency and explain ability 

In order to help users make wise decisions, AI systems should be visible, explainable, and intelligible.

Robustness, security, and safety

To reduce the risks of unexpected outcomes, AI systems should be robust, secure, and safe throughout their life cycles.

Accountability

Those responsible for the design and implementation of AI systems must take responsibility for their choices and behaviors.

More than 40 nations, including the United States, Japan, and the United Kingdom, as well as a number of international organizations have accepted the OECD AI Principles. They are regarded as a crucial point of reference for formulating AI policies and have been employed by various nations to help shape the creation of their respective national AI programmes and policies. In addition to the OECD AI Principles, numerous nations have created their own laws and rules regarding AI. For instance, the General Data Protection Regulation (GDPR), created by the European Union (EU), regulates how personal data is used in AI systems. Additionally, the EU has created the Ethics Guidelines for Trustworthy AI, which offer a framework for moral AI research and use.

What is the General Data Protection Regulation (GDPR)

In May 2018, the European Union (EU) adopted the General Data Protection Regulation (GDPR), a law governing data privacy. The GDPR intends to improve and harmonise data protection regulations throughout the EU and give people more control over their personal data. Regardless of where the organisation is situated, the GDPR applies to all organisations that gather, handle, or retain personal data of EU citizens. Names, addresses, email addresses, social security numbers, and online identifiers are just a few examples of the many types of personal information it includes. Individuals have the right to access their personal data, ask for its rectification or deletion, and object to its processing under the GDPR. The GDPR also imposes obligations on businesses that handle personal data, such as the need to get individuals' consent before processing their data, put in place the proper organizational and technological safeguards to secure data, and notify the competent authorities of any data breaches within 72 hours. If an organization violates the GDPR, they may be subject to fines of up to €20 million or 4% of its annual global turnover, whichever is higher. The GDPR, which is regarded as a milestone rule for data privacy, has raised attention on data protection and privacy around the globe. Similar restrictions have either been implemented or are being considered by other nations. Regulations concerning AI have also been created in the US. A framework for AI has been created by the National Institute of Standards and Technology (NIST), which offers instructions for creating reliable and open AI systems. Guidelines for the use of AI in consumer protection have also been released by the US Federal Trade Commission (FTC). Other nations have also created their own frameworks and rules for AI, like China and Canada. The New Generation Artificial Intelligence Development Plan, which describes China's objectives for the development of AI, was created. The Canadian AI Ethics Framework was created in Canada and offers guidelines for the creation and application of ethical AI. While the necessity for rules and frameworks for AI is becoming more widely acknowledged, so are the difficulties in creating them. Regulations and frameworks must be adaptable enough to take into account new advances because AI is a topic that is developing quickly. Additionally, there are difficulties in international coordination and collaboration since different nations may have different laws and frameworks. In conclusion, frameworks and rules for AI are crucial to ensuring that it is created and applied in a trustworthy and responsible manner. Although there are several frameworks and laws in place right now, the area of artificial intelligence is continuously developing, thus there is a need for ongoing debate and collaboration to make sure that laws and frameworks are still effective.

Learn More about machine learning

I've seen a number of people worried and concerned about this language on Ao3s current "agree to these terms of service" page. The short version is:

Don't worry. This isn't anything bad. Checking that box just means you forgive them for being US American.

Long version: This text makes perfect sense if you're familiar with the issues around GDPR and in particular the uncertainty about Privacy Shield and SCCs after Schrems II. But I suspect most people aren't, so let's get into it, with the caveat that this is a Eurocentric (and in particular EU centric) view of this.

The basic outline is that Europeans in the EU have a right to privacy under the EU's General Data Protection Regulation (GDPR), an EU directive (let's simplify things and call it an EU law) that regulates how various entities, including companies and the government, may acquire, store and process data about you.

The list of what counts as data about you is enormous. It includes things like your name and birthday, but also your email address, your computers IP address, user names, whatever. If an advertiser could want it, it's on the list.

The general rule is that they can't, unless you give explicit permission, or it's for one of a number of enumerated reasons (not all of which are as clear as would be desirable, but that's another topic). You have a right to request a copy of the data, you have a right to force them to delete their data and so on. It's not quite on the level of constitutional rights, but it is a pretty big deal.

In contrast, the US, home of most of the world's internet companies, has no such right at a federal level. If someone has your data, it is fundamentally theirs. American police, FBI, CIA and so on also have far more rights to request your data than the ones in Europe.

So how can an American website provide services to persons in the EU? Well… Honestly, there's an argument to be made that they can't.

US websites can promise in their terms and conditions that they will keep your data as safe as a European site would. In fact, they have to, unless they start specifically excluding Europeans. The EU even provides Standard Contract Clauses (SCCs) that they can use for this.

However, e.g. Facebook's T&Cs can't bind the US government. Facebook can't promise that it'll keep your data as secure as it is in the EU even if they wanted to (which they absolutely don't), because the US government can get to it easily, and EU citizens can't even sue the US government over it.

Despite the importance that US companies have in Europe, this is not a theoretical concern at all. There have been two successive international agreements between the US and the EU about this, and both were struck down by the EU court as being in violation of EU law, in the Schrems I and Schrems II decisions (named after Max Schrems, an Austrian privacy activist who sued in both cases).

A third international agreement is currently being prepared, and in the meantime the previous agreement (known as "Privacy Shield") remains tentatively in place. The problem is that the US government does not want to offer EU citizens equivalent protection as they have under EU law; they don't even want to offer US citizens these protections. They just love spying on foreigners too much. The previous agreements tried to hide that under flowery language, but couldn't actually solve it. It's unclear and in my opinion unlikely that they'll manage to get a version that survives judicial review this time. Max Schrems is waiting.

So what is a site like Ao3 to do? They're arguably not part of the problem, Max Schrems keeps suing Meta, not the OTW, but they are subject to the rules because they process stuff like your email address.

Their solution is this checkbox. You agree that they can process your data even though they're in the US, and they can't guarantee you that the US government won't spy on you in ways that would be illegal for the government of e.g. Belgium. Is that legal under EU law? …probably as legal as fan fiction in general, I suppose, which is to say let's hope nobody sues to try and find out.

But what's important is that nothing changed, just the language. Ao3 has always stored your user name and email address on servers in the US, subject to whatever the FBI, CIA, NSA and FRA may want to do it. They're just making it more clear now.

Cookie pop-ups are designed to be confusing and make you 'agree' to be tracked. This add-on automatically answers consent pop-ups for you, so you can't be manipulated. Set your preferences once, and let the technology do the rest!

This add-on is built and maintained by workers at Aarhus University in Denmark. We are privacy researchers that got tired of seeing how companies violate the EU's General Data Protection Regulation (GDPR). Because the organisations that enforce the GDPR do not have enough resources, we built this add-on to help them out.

We looked at 680 pop-ups and combined their data processing purposes into 5 categories that you can toggle on or off. Sometimes our categories don't perfectly match those on the website, so then we will choose the more privacy preserving option.

I've been using this since it came out in December 2019 (how time flies!) and definitely recommend it.

Chat Control in a nutshell (please reblog this, US people)

Find out more about Chat Control here TAKE ACTION HERE ! OR HERE Calling is much more efficient ! The latter link will redirect you to the official websites of your respective reps. Under the "read more", you will find what you need to say/write when contacting your reps. You will also find an alternate format of this comic,and I give explicit permission for people to translate it and spread it anywhere for awareness. Credit really not needed, I don't care about that rn Even if this is a EU proposal, I am urging Americans to also share this, since it goes hand in hand with KOSA. DON'T FORGET TO JOIN OUR DISCORD SERVER AGAINST CHAT CONTROL ! https://discord.com/invite/e7FYdYnMkS

(Latest update on Chat Control was the 12 september 2024) This is a little long, so feel free to shorten it as you wish : Subject line: "2022/0155(COD) Dear Sir/Madam, I am writing to express my grave concerns regarding the proposed introduction of "Chat Control" This measure poses a serious threat to the privacy and fundamental rights of all EU citizens and stands in stark contradiction to the core principles that the European Union seeks to uphold. The proposed Chat Control contravenes Articles 7 and 8 of the Charter of Fundamental Rights of the European Union, which guarantee the right to respect for private and family life and the protection of personal data. The indiscriminate surveillance of private messages without specific suspicion or cause directly violates these fundamental rights. The General Data Protection Regulation (GDPR) sets out stringent rules for the processing of personal data. The proposed indiscriminate surveillance and scanning of private messages before end-to-end encryption is fundamentally incompatible with the principles of data minimization and purpose limitation enshrined in the GDPR. Specifically, Articles 5 and 6 of the GDPR, which govern the lawfulness and principles of data processing, would be violated by the introduction of such measures. The implementation of Client-Side Scanning (CSS) on devices means that all messages and files are scanned on the user's device before being encrypted and sent. This effectively nullifies the protection offered by end-to-end encryption and opens the door to misuse and additional security vulnerabilities. Moreover, the technical capability to scan such content could be exploited by malicious actors to circumvent or manipulate surveillance mechanisms. Such far-reaching surveillance measures not only endanger privacy but also freedom of expression. The knowledge that their private messages are being scanned and monitored could significantly restrict individuals' willingness to freely express themselves. Additionally, trust in digital communication platforms would be severely undermined. I urge you to take a strong stance against this disproportionate and unlawful measure. The privacy and digital rights of EU citizens must be safeguarded. It is imperative that we protect our fundamental rights and ensure transparency in the decision-making processes of our leaders. For more detailed information on the proposal and its implications, please refer to the following resource: Link to Netzpolitik article. https://www.patrick-breyer.de/rat-soll-chatkontrolle-durchwinken-werde-jetzt-aktiv/ Thank you for your attention to this critical matter. Sincerely, [Name] Art. 10 GG , Art. 8 & 11 EU Charta , Art. 8 EMRK (Alternate comic here V)