ASIAN TIMES: DATA & AI (202405)

Asia Pacific, including Japan, has led dealmaking activities in the global data centre market this year, with M&A value totalling $840.47 million, more than half of the global amount, LSEG data showed.

Continue reading

Building Trust in AI: The Certification Approach

“AI represents the future, and trust is the bridge that will take us there.”

— K.L.

Trustworthy AI

Upon the unveiling of ENVIDA’s Q1 2024 financial report, the leading luminary in the AI-chip manufacturing and service sector, the public has enthusiastically lauded the company’s exceptional performance. This accomplishment serves to reinforce the current and projected robust growth of the AI ecosystem.

Concurrently, the global landscape of AI is witnessing a dynamic evolution in terms of regulation and policy. The EU’s AI ACT has established a nuanced legal architecture, and an array of frameworks, guidelines, statutes, and regulations are emerging across various jurisdictions. These developments are poised to undergo continuous transformation, exerting a profound and enduring influence on industries, communities, and societal structures.

As AI progresses on its trajectory of expansion and advancement, professionals from legal, social, and ethical spheres are demonstrating a heightened interest in critical issues. These include ensuring safety, upholding ethical standards, enforcing accountability, guaranteeing trustworthiness, and protecting privacy, among others.

Google’s CEO Sundar Pichai offered seven objectives for AI applications that became core beliefs for the entire company.

  • Be socially beneficial.
  • Avoid creating or reinforcing unfair bias
  • Be built and tested for safety
  • Be accountable to people
  • Incorporate privacy design principles
  • Uphold high standards for scientific excellence
  • Be made available for uses that accord with these principles

Building trust in the AI era

The chasm between theoretical principles and tangible application is a pivotal subject that demands attention. To address this, Alan Winfield of the University of Bristol and Marina Jirotka from Oxford University propose a comprehensive, four-layer governance framework for AI systems, which could effectively narrow this divide.

This governance framework encompasses the following elements:

(1) reliable systems based on sound software engineering practice;

(2) safety culture through proven business management strategies;

(3) trustworthy certification by independent oversight, and

(4) regulation by government agencies.

Central to the concept of independent oversight is the reinforcement of legal, moral, and ethical tenets that underpin human or organizational accountability and liability for their products and services. Nonetheless, the notion of responsibility is inherently intricate, with subtleties and complexities that are especially pronounced in the face of rapid technological progression and the concurrent evolution of regulatory frameworks.

To navigate these complexities, it is imperative to adopt a dynamic governance approach that not only reflects the current technological landscape but also anticipates future developments. This involves continuous dialogue among technologists, ethicists, legal experts, and policymakers to ensure that AI systems are governed responsibly and ethically, aligning with societal values and expectations.

From privacy trust to AI trust

Certifications, as outlined in Articles 42 and 43 of the General Data Protection Regulation (GDPR), have been acknowledged and incorporated as integral components of compliance mechanisms.

Certain marks and seals have garnered official recognition from European supervisory authorities, exemplified by the likes of EuroPrise and Europrivacy.

Beyond these, entities such as Trustarc are proactively delivering independent assurance and compliance verification services, which are pivotal in substantiating an organization’s adherence to regulatory standards.

The question arises whether the successful establishment of privacy trust can be analogously applied to the realm of AI trust. The affirmative response is warranted, given that the majority of AI operations are fundamentally predicated on data.

While we don’t need to reinvent the wheel, it is crucial to leverage the accumulated experience and successful outcomes from the domain of data protection and privacy governance.

By building upon the established frameworks and practices, we can effectively extend these principles to AI governance, ensuring that AI systems are developed and deployed with a strong foundation of trust, compliance, and ethical considerations.

In April, Trustarc announced the first client to be certified under the newly launched TRUSTe Responsible AI Certification. “This certification marks an important step for the industry towards greater accountability and trust in the technologies shaping our future.” Noël Luke, Chief Assurance Officer at TrustArc said.

ASIAN TIMES: DATA & AI (202403)

The guidance provides clarity for the use of personal data to train and develop AI systems, information to be provided to consumers for obtaining lawful consent, information for third-party developers employing AI models and best practices for complying with the Personal Data Protection Act. 

Continue reading

ASIAN TIMES: DATA & AI (202404)

1. Tesla’s self-driving bid for China faces rivals racing ahead

On a whirlwind trip to Beijing starting Sunday, Musk came to discuss the potential rollout of its FSD driver-assistance system and the possibility of securing government approvals for overseas transfers of data from Tesla , opens new tab vehicles in China, according to a source with knowledge of the trip.

If Tesla succeeds in bringing its “Full Self-Driving” system to China, the world’s largest car market, the U.S. electric-car pioneer will be shifting into the fast lane of the global race toward autonomous vehicles.

https://www.reuters.com/business/autos-transportation/teslas-self-driving-bid-china-faces-rivals-racing-ahead-2024-04-30/

2. EU-Japan: the Council approves a protocol to facilitate free flow of data

The protocol will provide greater legal certainty, ensuring that data flows between the EU and Japan will not be hampered by unjustified data localisation measures, and also ensuring the benefit from the free flow of data according to the EU and Japan’s rules on data protection and the digital economy.

The protocol will enable companies to handle data efficiently without cumbersome administrative or storage requirements and provide them with a predictable legal framework.

https://www.consilium.europa.eu/en/press/press-releases/2024/04/29/eu-japan-the-council-approves-a-protocol-to-facilitate-free-flow-of-data/

3. Global CBPR Forum Announces the Establishment of the Global CBPR and Global PRP Systems and Welcomes New Global CAPE Participants

Celebrating the second anniversary of its establishment, the Global CBPR Forum (Forum) announces the establishment of the Global CBPR and Global PRP Systems with the appointment of Accountability Agents and the publication of the System documents.  The publication of these documents sets the stage for Accountability Agents to start issuing Global CBPR and Global PRP certifications to interested organizations this summer.

On May 15-17, the Forum will also be welcoming government officials, regulators, and other privacy experts from around the world to its fifth multilateral, multistakeholder workshop in Tokyo, Japan. 

https://www.globalcbpr.org/global-cbpr-forum-announces-the-establishment-of-the-global-cbpr-and-global-prp-systems-and-welcomes-new-global-cape-participants/

4. Tesla’s self-driving bid for China faces rivals racing ahead

Singapore’s Cyber Security Agency released its response to feedback it received during public meetings to address updating the Cybersecurity (Amendment) Bill. The guidance answers questions about the amendment including concerns it would increase the cost of compliance efforts for businesses. The CSA aims to update the bill to ensure it remains relevant to the digital landscape.

https://www.csa.gov.sg/legislation/consultations/public-consultation-on-the-cybersecurity-(amendment)-bill

5. EU-Japan: the Council approves a protocol to facilitate free flow of data

The Personal Information Protection Committee approved the “Notice Amendment on Personal Information Impact Assessment”, which reflects the contents of the Personal Information Protection Act revised last year.

Through the revision of this notice, 3 evaluation fields and 7 detailed fields, including ‘pseudonymous information processing’, ‘portable image information processing equipment’, and ‘automated decision’, were newly established, and the number of evaluation fields increased from 25 to 28, and detailed The field was expanded from 55 to 62.

https://www.pipc.go.kr/np/cop/bbs/selectBoardArticle.do?bbsId=BS074&mCode=C020010000&nttId=10083

6. Global CBPR Forum Announces the Establishment of the Global CBPR and Global PRP Systems and Welcomes New Global CAPE Participants

Japan’s data protection authority, the Personal Information Protection Commission, released its triennial review of the Act on the Protection of Personal Information. The report details potential provisions to the APPI, including a surcharge system and possible criminal penalties in an effort to increase compliance.

https://www.ppc.go.jp/files/pdf/240322_shiryou-1.pdf

7. Singapore’s Cyber Security Agency released notes on the Cybersecurity (Amendment) Bill discussion

Microsoft will invest US$1.7 billion in Indonesia to empower the Southeast Asian country with cloud services and artificial intelligence, including by building data centres, visiting chief executive Satya Nadella said on Tuesday (Apr 30).

https://www.channelnewsasia.com/business/microsoft-invest-us17-billion-cloud-ai-indonesia-ceo-says-4302411

ASIAN TIMES: DATA & AI

Onecompliance aims to provide concise updates on key regulatory changes in data security, privacy protection, and emerging trends in fintech regulations across major jurisdictions.

Continue reading