The Past
On the 25th of May 2018 a significant change has marked the EU’s business world. The General Data Protection Regulation (GDPR) came into force, with the goal of empowering customers’ data privacy and protection throughout all stages of the data’s collection, storage, processing and transfer.
Short video on GDPR explanation:
Many companies in order to reach GDPR compliance, had to make significant changes to their processes, especially the ones that concern data, otherwise they would have to pay extravagant fines that could easily lead them to bankruptcy.
The Present
At the same time, with personalised conversations and relevance being the need of the hour, AI and disruptive innovation on most businesses handling personal data inevitably go hand in hand.
The majority of the aforementioned data are used to empower the newly introduced businesses’ AI algorithms: the more data available, the better an algorithm’s predictions (Coles, 2018). These companies currently struggle with the changes they need to perform and are “loosening” their tight knots with the AI implementation. They need to concentrate on what needs to change, how does it need to change and, naturally, will their offering still be effective and/or useful after shifting to a more GDPR compliant technology?
The Future
Although GDPR compliance may seem a great burden to most of the companies which have adopted AI technologies to their functions, we cannot ignore the benefits that can occur. Machine learning could be used to reduce the number of fraudulent behaviours, while tracing and confronting those can be a lot easier (Coles, 2018). The company may as well choose to build AI-powered tools that can notify all stakeholders in case of unauthorized access to their data.
Also, companies can plan strategically and deploy AI technologies in order to create what is needed for their GDPR compliance. In that way, they can easily keep their processes untouched while using AI to prove their processes as safe and protective (Nguyen, 2018).
Depending on the above and your personal insights, would you consider this relationship as love, hate or both?
References:
- Coles, T. (2018). How GDPR Requirements Affect AI and Data Collection. [online] IT Pro. Available at: https://www.itprotoday.com/risk-and-compliance/how-gdpr-requirements-affect-ai-and-data-collection
- Datafloq.com. (2018). Why the Adoption Rate of AI is Increasing. [online] Available at: https://datafloq.com/read/adoption-rate-ai-increasing/5044
- Nguyen, I. (2018). GDPR panic may spur data and AI innovation. [online] TechCrunch. Available at: https://techcrunch.com/2018/06/07/gdpr-panic-may-spur-data-and-ai-innovation/?guccounter=1
Personally I think GDPR is very important, but the way it is executed now unnecessarily restricts many forms of doing business. A lot of small companies for example do not know what is required of them. The rules are way too abstract, regulation is unclear and the way companies are controlled, has not been made public yet. Therefore, companies just take a lot of measures that are unnecessary, which in result, costs them a lot of money.
Hello Tim! Thank you very much for sharing your thoughts regarding GDPR. It is indeed a great challenge for companies, and knowledge acquisition is the key for avoiding such drawbacks and excessive costs on the journey towards GDPR compliance. Companies should be consulted by GDPR experts, who will guide them through the needed actions to be taken and will help them construct a map of the changes to be performed. Companies need to have complete access to their databases and processes in order to be able to identify their missteps and thus improve them. At the same time, all business parties should be aware of the regulation and even adjust their roles & responsibilities towards it. In this way, business terms and data sources will have a complete alignment and changes will be performed quicker, easier and less costly. Protection of the changes and continuous auditing towards them shall be a fundamental aspect of a company’s processes as well, in order to identify potential “slips” and proceed to compliance immediately. At last it all comes on how you react on something and make advantage of it, as the regulation as you said is really abstract.