ARTIFICIAL INTELLIGENCE AND DATA PROTECTION
Artificial intelligence and data protection
Artificial intelligence and data protection are present in our days and not only in the most private sphere, but in all areas of our lives.
There are multiple definitions of “digital ethics”, being valid to understand it as “the impact of digital information and communication technologies (ICT) in our society”. as “the impact of digital information and communication technologies (ICT) in our society”.
Others see it as the “moral decisions that are made in the digital world”.
Some of our customers in ValenciaWe have received several concerns related to new technologies and how they affect the data protection regulations.
The main characteristic of the digital world is the non-existence of borders and therefore, the information that flows does so, in most cases, without limits, and that is why the digital is present in each and every one of our daily actions, entering fully into our privacy.
On the other hand, this new digital paradigm is joined by the advance in technologies, appearing as a new element to consider the use of Artificial Intelligence, where machines are programmed in an intelligent way, so that they perform actions aimed at solving situations with certain autonomy.
If we visualize these new concepts, which refer to new realities present in our lives, in the field of data protection, we will find that Artificial Intelligence and digital ethics must also comply with and respect human dignity and fundamental rights, among which is the protection of personal data.
Under the European General Data Protection Regulation 2016/679 (hereinafter, GDPR) and the Organic Law 3/2018 of December 5, 2018 on the Protection of Personal Data and Guarantee of Digital Rights (hereinafter, LOPD-GDD), the concepts that relate to the application of Artificial Intelligence are as follows:
- Data minimization
- Special categories of data
- Automated decisions (profiling)
- Risk analysis and impact assessment
- Organizational and technical security measures
- International transfers
In addition, any system that uses Artificial Intelligence applications in the processing of personal data must comply with and respect the principles established by the RGPD and the LOPD-GDD:
- Legality of treatment
- Data accuracy
- Duty of confidentiality
- Transparency
- Security
- Risk management
The turning point in this area is provided by data protection by design and by default, regulated in Article 25 of the GDPR, which seeks to ensure that data protection is present from the origin of the project (design), as well as in the processing that is absolutely necessary for the purposes of the processing (by default).
In the protection by design, it is necessary that the responsible party takes the necessary security measures from the beginning of the project, which minimize the risk in the processing of data, through data minimization or pseudonymization / anonymization, where the possibility of identifying personal data with the owner of these becomes a titanic task, not to say almost impossible, thus generating the necessary protection for the treatment.
If we apply default protection, we realize that we are in a different moment within the data processing, because here it will not be applied in the early stages, but in the processing process itself, using only those data that I really need for the processing.
Therefore, the use or application of Artificial Intelligence technologies implies an increase in guarantees, both in terms of quality of service and security of treatment, always respecting the dignity of individuals and constitutionally protected fundamental rights.
Therefore, all data controllers using technologies involving Artificial Intelligence must conceive them within the scope of mandatory protection of personal data, without being able to omit the obligations that the rules impose on any person who processes personal data in their capacity as controller or processor.
If your company uses Artificial Intelligence technology and processes personal data, do not hesitate to contact us for comprehensive advice on data protection.
Contact our Valencia office here
If you prefer a data protection quotation, please request here
Legal Department Business Adapter