Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Antonio kung impact of ai on privacy sept 10

277 views

Published on

Impact of AI on Privacy

Published in: Engineering
  • Login to see the comments

  • Be the first to like this

Antonio kung impact of ai on privacy sept 10

  1. 1. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering Impact of AI on Privacy Antonio Kung (Trialog) Data protection in real-time. Transforming privacy law into practice. Oxford – Sept 10th, 2019 10/09/2019 Data protection in real-time. Transforming privacy law into practice 1 This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 787034
  2. 2. AI based applications Current wave Automatic speech recognition Machine translation Spam filters Search engines … Upcoming wave Autonomous cars Robots for elderly people Autonomous drones … 10/09/2019 Data protection in real-time. Transforming privacy law into practice 2
  3. 3. Example: Safety Application Cooperative ITS 10/09/2019 Data protection in real-time. Transforming privacy law into practice 3 Road side unit Sending vehicle Receiving vehicle Broadcast message (CAM – Cooperative Awareness Message) Position of vehicle Movement of vehicle (speed, acceleration, steering angle, …) Static information about the vehicle: type and size Recent Path (limited to the last 30 seconds at maximum)
  4. 4. Privacy-by-design: Pseudonyms (see https://www.sevecom.eu/ 2006-2008) 10/09/2019 Data protection in real-time. Transforming privacy law into practice 4 Pseudonymization authority Road side unit Sending vehicle Receiving vehicle
  5. 5. Ecosystem 10/09/2019 Data protection in real-time. Transforming privacy law into practice 5 Road side unit Application operator (Safety, Traffic) Pseudonym issuer (PKI) Vehicle operator Road side unit operator On board Application operator Safety
  6. 6. Ecosystem Threats 10/09/2019 Data protection in real-time. Transforming privacy law into practice 6 Road side unit Application operator (Safety, Traffic) Pseudonym issuer (PKI) Vehicle operator Road side unit operator On board Application operator Safety Linking data (using AI) Linking pseudonyms (using AI) Identify driving behaviour Identify driving offence
  7. 7. Autonomous vehicle example Example: Autonomous Vehicle AI to help decision 10/09/2019 Data protection in real-time. Transforming privacy law into practice 7 toon Policy management process Autonomous vehicle manufacturer Control and monitoring process Applies Autonomous vehicle Vehicle and passengers to manage Safety, security, privacy policies follows applies to monitor Establishes follows
  8. 8. AI to Assist System Lifecycle Processes 10/09/2019 Data protection in real-time. Transforming privacy law into practice 8 Process AI support Agreement AI-assisted data sharing agreement Organisational AI assisted decision making AI assisted knowledge management Technical management AI assisted risk analysis AI assisted compliance Technical process AI-assisted risk analysis AI-assisted design AI-assisted verification AI assisted operation AI assisted maintenance ISO/IEC/IEEE 15288
  9. 9. AI to help Cybersecurity Lifecycle (ISO/IEC 27101 – NIST) 10/09/2019 Data protection in real-time. Transforming privacy law into practice 9 Process AI support Identify AI assisted risk analysis Protect Pattern recognition for the design of security and privacy controls Detect Anomaly detection - off-line analysis - on-line detection Respond Assisting and training operators Autonomous decision taking?Recover
  10. 10. AI to help Risk Analysis Assistance to avoid attacks (reduce likelihood of threats) Assistance to breaches (reduce severity of impact) Data protection in real-time. Transforming privacy law into practice 10/09/2019 10 Absolutely avoided or reduced Must be avoided or reduced Must be reduced These risks may be taken Negligible Likelihood Limited Likelihood Significant Likelihood Maximum Likelihood Negligible Impact Limited Impact Significant Impact Maximum Impact
  11. 11. AI to Break Cybersecurity security incident / privacy breach is more likely to occur Security incident / privacy breach has more impact 10/09/2019 Data protection in real-time. Transforming privacy law into practice 11 Absolutely avoided or reduced Must be avoided or reduced Must be reduced These risks may be taken Negligible Likelihood Limited Likelihood Significant Likelihood Maximum Likelihood Negligible Impact Limited Impact Significant Impact Maximum Impact
  12. 12. Data Poisoning Courtesy Ivo Emanuilov (KUL – citip – Imec) Adversarial examples: malicious inputs to machine learning models Data Poisoning: Fooling the models 10/09/2019 Data protection in real-time. Transforming privacy law into practice 12
  13. 13. Malicious AI Report (February 2018) 10/09/2019 Data protection in real-time. Transforming privacy law into practice 13
  14. 14. Conclusions AI will improve lifecycle processes AI will improve security and privacy risk management Malicious AI will increase security and privacy risks Security and Privacy Governance Model for AI to meet Empowerment capability Explainability capability 10/09/2019 Data protection in real-time. Transforming privacy law into practice 14
  15. 15. Context or presentation ISO Study period Impact of AI on privacy Started in October 2018 for one year Rapporteurs  Antonio Kung  Srinivas Poosarla  Peter Dickman  Gurshabad Grover  Peter Deussen  Heung Youl Youm  Zhao Yunwei SC27 work, liaison with SC42 AI Terms of reference review new generation of AI-based systems (autonomous systems) and identify their impact on privacy, review new threats to privacy which AI can create, review how AI can be used by deploying improved privacy controls, and provide recommendations for standardization work. 10/09/2019 Data protection in real-time. Transforming privacy law into practice 15
  16. 16. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering Thank you for your attention Questions? For more information, visit: www.pdp4e-project.org Contact points Antonio Kung (Trialog) Antonio.kung@trialog.com Yod Samuel Martín (UPM) ys.martin@upm.es 10/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 16

×