UK privacy regulator releases guidelines for AI, big data, and machine learning

The UK Information Commissioner's Office has published policy guidelines for big data, artificial intelligence, machine learning and their interaction with data protection law. Applying data protection principles becomes more complex when using these techniques. The volume of data, the ways it's generated, the complexity of the way it's processed, the new uses found for it, and the potential for unexpected consequences to individuals are all among the challenges the ICO considers. The report considers approaches such as anonymisation, privacy impact assessments, and privacy-by-design that may help with both compliance and privacy protection, and argues that data protection as currently enshrined in law remains relevant. The ICO also welcomes developments such as organisations developing their own ethical principles and building trust relationships with the public, as these activities will also tend to improve compliance. Finally, the ICO stresses the importance of transparency and accountability, while recommending implementing innovative techniques to develop machine learning algorithms that can be audited both internally and externally for bias, discrimination, and errors.

https://ico.org.uk/media/for-organisations/documents/2013559/big-data-ai-ml-and-data-protection.pdf