Comment, by Ross Woodham, Chief Privacy Officer at Aptum
In a newly published White Paper – ‘Artificial Intelligence: A European approach to excellence and trust’- the European Commission (EC) has announced plans to position Europe as a global leader in data driven technologies.
Although focusing on artificial intelligence (AI), the White Paper covers everything from critical infrastructure to cyber security. In a positive step that would see governing bodies take more control of data, the EC’s investment ambitions, if realised, could empower European based technology businesses to compete with the US and China in areas such as AI.
Organisations across a range of industries and all economic sectors, that deploy such technologies, would be in closer proximity to their data as a result. This eases several processes relevant to compliance and transparency, restoring a sense of trust between businesses and technology providers.
From a legal standpoint, the White Paper acknowledges that to achieve true data sovereignty, regulatory frameworks need to accommodate the future developments of emerging technologies in order to create ‘an ecosystem of trust’. A number of requirements are already in place under existing regulations, such as data protections, privacy laws, consumer protections and liability rules.
However, a number of requirements pertaining to ‘transparency, traceability and human oversight’ are absent from a common European framework. Calls to clarify where personal and business data is being distributed and how it is being used have become louder in recent years. These additional regulatory features are important in re-establishing a trusting relationship between users and technology.
Creating an environment where data sets can flourish whilst adhering to numerous changing policies could, therefore, be an arduous task for businesses. Thus, the proposed policy change should encourage businesses to view their data as infrastructure.
Data is an organization’s most important asset. Without data it is near impossible for businesses to track their own progress, improve processes, and reach new markets. Viewing data as infrastructure will direct an organisations’ technological investments towards enriching the data they hold. By deploying measures that incubate data in a transparent, controlled and ethical way, the EC’s proposed regulations would champion such actions.
Ensuring visibility and traceability of data across all cloud applications and locations is the most important component in treating data as infrastructure. As the volume of data companies are exposed to increases due to technologies such as AI, this will become more vital in enabling companies to unlock their full data potential and not simply becoming an ever-growing potential exposure.
Management platforms that allow visibility enable an organisation to conduct an inventory on all of its assets, whilst evaluating its compliance with any local, international or emerging legal frameworks.
The post #Privacy: How data as infrastructure encourages direct data ownership in the GDPR era appeared first on PrivSec Report.