Privacy and AI

                                                            Privacy and AI

The power struggle between privacy and the freedom of AI

By Turner Cox

April 5 2024

In the age of rapid technological advancements, artificial intelligence has become a noticeable force in several industries. Some common examples of products using AI include “Large Language Models” (LLMs) such as OpenAI’s ChatGPT and Google’s Gemini, as well as IoT devices integrated with AI technology to help the user have a more seamless experience. From automation to digital personal assistants, the integration of AI into the daily lives of people is rampant. However, because of the great power that AI holds, it also raises several privacy concerns. AI models need vast amounts of data in order to train themselves, and that data is a valuable commodity, which causes businesses to put their focus on data collection.

The following are areas in which issues arise between AI and privacy.

Use of User Data: When users interact with AI systems, there is a chance that the data inputted by the user will be used later for training purposes. This can be a privacy risk because the data inputted by the user may be sensitive, and in training use, the sensitive data may be seen by many people who were not originally supposed to see the data. For example, if an employee of a government agency uses an AI integrated tool to summarize a classified document, and the document is saved and used later for training purposes, this can be a great security risk. 

Limited Regulation: There are no universal set of laws governing AI’s boundaries, therefore companies can essentially create their own boundaries. There are best practices available to users to mitigate the privacy risks, but there are no clear boundaries for this technology so far.

Biometric Data: Technologies that integrate AI and biometrics, such as some facial recognition technologies, have access to an even more important type of data - a person’s biometrics. This of course can be used for malicious purposes such as discrimination.

Metadata Collection: AI enables companies to collect metadata (the data containing much of the information behind an image or other digital file), allowing for precise content targeting without users' full understanding or consent.

Data Storage Periods: There is not much transparency when it comes to the time period in which companies retain user data. Users may not know how long their data is retained and under what circumstances it is accessed.

Web Scraping and Crawling: For the purpose of training AIs such as LLMs, a common strategy is web scraping or web crawling. These are processes that involve using web information such as social media or metadata as resources to train AI with. Unbeknownst to many, each public post a person has made may be used by AI for training purposes and seen by people that were not meant to see it.

Counter Arguments:

One could argue that AI is simply an advanced tool, and that one should understand how to use it in order to protect their privacy. If they are negligent, it is their own fault. For example, in the case of a government employee accidentally leaking a classified document to an AI model, one could argue that this is a negligent act, and the employee should not be so careless with the classified information. Furthermore, web scraping or web crawling is simply the process of searching through publicly available information. While it is perhaps creepy that an AI is rummaging through millions of posts that humans may have even forgotten about, it is legal as of now, and one could argue that it is merely a clever solution to the problem of training these AI models. Finally, putting restrictions on AI may impede the progress of development of this new technology. If too many restrictions are put upon AI too early, we may not realize its full potential. 

Solutions for AI and Privacy Concerns:

Use Policy: Organizations should define clear policies on how AI tools can be used and who/what/when/where/why/how the data can be used.

Security Tools: Tools such as extended detection and response (XDR) can help protect data from unauthorized access and misuse.

 

Questions:

Should the government be involved in regulating AI and its collection of data? If so, to what extent? How can balance be maintained between privacy and freedom of AI?

Conclusion:

As AI continues to improve and become more useful for the lives of all individuals, these issues become even more complex. It is incredibly difficult to balance the usefulness of AI with the concerns of privacy violations. However, by abiding by best practices, and perhaps the intervention of government, AI could become a valuable tool to make the lives of all much easier.

Works Cited

Hiter, Shelby. “AI and Privacy Issues: What You Need to Know.” EWEEK, 20 Sept. 2023, www.eweek.com/artificial-intelligence/ai-privacy-issues/.

Office of the Victorian Information Commissioner. “Artificial Intelligence and Privacy - Issues and Challenges.” Office of the Victorian Information Commissioner, Aug. 2018, ovic.vic.gov.au/privacy/resources-for-organisations/artificial-intelligence-and-privacy-issues-and-challenges/.

Pearce, Guy. “Beware the Privacy Violations in Artificial Intelligence Applications.” ISACA, 28 May 2021, www.isaca.org/resources/news-and-trends/isaca-now-blog/2021/beware-the-privacy-violations-in-artificial-intelligence-applications.

Sher, Gai, and Ariela Benchlouch. “The Privacy Paradox with AI.” Reuters, 31 Oct. 2023, www.reuters.com/legal/legalindustry/privacy-paradox-with-ai-2023-10-31/.

Sullivan, Morgan. “Examining Privacy Risks in AI Systems.” Transcend Blog, 1 Dec. 2023, transcend.io/blog/ai-and-privacy.