Artificial Intelligence and Data Protection

*By Carlos Eduardo Passerani Reolon

In the last five or six years we have been flooded with studies, articles, proposals and debates on Data Protection. We discovered a universe of possibilities that we were not aware of. This is mainly due to the enactment of the LGPD (General Data Protection Law – Law 13.709/18), which was inspired by the GDPR (General Data Protection Regulation – 2016/679) enacted in the European community in order to protect privacy. of those who are there.

Over there, the context turned out to be a little more natural for a broad regulation, as the debate on privacy was born much earlier – more precisely in 1995, when Directive 95/46 was enacted, which, in a way, already guided the processing of data personal on that continent.

Around here, with the arrival of the LGPD in 2018, the business environment still took some time to assimilate its propositions and the impacts of non-compliance. And, today, we see an environment that is still far from ideal, but much more in line with the premises of data protection. So aligned that, in the current situation, any subject, product/service offer or proposal already considers the data privacy factor, placing it as show-stopper if there is not a minimum attendance to what is expected on the subject.

In this way, new or “new” trends in society are always confronted with what is expected of privacy to determine whether or not it will succeed. And, as “new” as this concept may seem, with Artificial Intelligence it was no different.

worth one disclaimer about the term “new”, which is in quotes because Artificial Intelligence is far from being new. We are talking about a term coined in the 1950s that, since then, gains and loses strength over time, with the possibility of machines imitating humans. Until then, even when the theme gained strength, it still couldn't take off, especially due to the limitations of the tools for applying AI. It is known that the field of development of Artificial Intelligence is necessarily technological, and that until recently we did not have storage and processing conditions capable of making AI fully develop. However, in the last decade, the evolution of algorithms and the almost unlimited supply of computational power have made the subject gain focus again.

We know that AI mostly depends on data to function, in addition to powerful computers behind it “chewing” this data in real time and returning insights for your users. We also know that since its inception, the idea has always been to imitate the human, and AI is still far from that. As “intelligent” as it may be, it is still far from the human capacity to react to certain stimuli. What we have today are the so-called “specialist” AIs, that is, computer programs capable of analyzing large masses of data and, based on them, making inferences about a specific topic. And, most importantly, because they are specialists, they don't have the ability to change domains. In practice, this means that an AI trained to produce score credit card will never be able to diagnose breast cancer, for example – and neither will the reverse.

So we can draw some conclusions. The first is that Artificial Intelligence is far from replacing man in essentially human activities. And the second is that AI will always demand a large volume of training data to be able to make such inferences. This data, by the way, can be collected from the real world from physical sensors, extracted from the public internet (where the offer is almost endless) or artificially produced using specific techniques for this purpose. That is, you cannot dissociate the consumption of data with the application of Artificial Intelligence.

And why are we talking about all this? Because it is at this moment that the universes of AI and Data Protection mix. If Artificial Intelligence demands large volumes of data, and we citizens, in the use of more and more digital (or digitized) tools and services, produce more and more data about us, this means that the discussion about AI must necessarily involve Privacy of Data, correct? Let's think... today we already have very functional applications of Artificial Intelligence in the offers of chatbots (those robots that assist us in the contact channels of several companies), in AI solutions for analysis and score of credit, in image analysis capable of diagnosing diseases at an early stage, among countless other possibilities. So, can we infer that when we talk about AI, we are talking about Personal Data? Wrong! As much as these arguments may lead us to believe that these issues are intrinsic, we must keep in mind that the universe of Artificial Intelligence applications goes beyond the limits of data privacy.

Yes, there is an immense offer of services involving Artificial Intelligence and Personal Data, however, there is a considerably larger horizon of AI applications that do not even touch personal data. See some examples:

• In the field of Agribusiness, we have statistical analyzes that cross weather conditions, soil and pesticide use, delivering the best combinations for each scenario and guiding the operation of machines autonomously.
• In the field of Industry, we have solutions that monitor and predict when a given machine may fail, providing process optimization throughout the entire production chain.
• The weather forecast itself, which using historical data crossed with current facts, is increasingly assertive.

These and countless other examples shed light on the fact that Artificial Intelligence and Privacy must be treated independently. I am not saying here that we should isolate them in silos, since there is obviously a relevant point of intersection between the two subjects – however, we must always keep in mind that they are still different subjects. As Artificial Intelligence is a transversal subject, that is, it will permeate human activity, we should not relegate it to a discussion conditioned to privacy. It is a consensus that in applications dependent on personal data, privacy professionals should be involved (as well as in applications involving electrical energy or civil construction, in which engineers should always take part, or in applications involving the study of laws, in which lawyers should to position).

In the future, we see that every professional – regardless of their field of activity – should have some knowledge of Artificial Intelligence to better apply it in their daily lives. In this way, we will have a healthy debate on the use and application of AI, always conditioned to each environment where it is applied.

* Carlos Eduardo Passerani Reolon is an instructor at ABES ACADEMY, the continuing education and training sector of the Brazilian Association of Software Companies, and a Project Manager at IBM.