AI data and technology advancements put the importance of Data Privacy Day in perspective

By Samantha Vaughan, ECPC-B FIP AIGP CIPP/US-E-C-G-A CIPM/T

This Sunday, January 28, marks a special occasion for privacy professionals – #DataPrivacyDay, which is a part of #DataPrivacyWeek. Privacy principles, instruments, and laws have evolved in tandem with key technological advancements.

On January 28, 1981, the Council of Europe’s Convention for the Protection of Individuals with Regard to the Processing of Personal Data (“Convention 108”) was opened for signature. This treaty was the first internationally binding instrument incorporating privacy and data protection obligations, reflecting the need to address potential privacy risks arising from the exponential growth in large-scale computing and the emerging ability to transfer large volumes of personal data across borders.

In 2018, Convention 108 was modernized to “Convention 108+,” reflecting enhanced data protection principles consistent with concepts in the EU’s General Data Protection Regulation (GDPR), addressing increased use of more sophisticated technologies and global data transfers to process personal data, and recognizing that more potentially sensitive data types might be available to be processed at a large scale (such as biometrics or genetic data).?

In only a relative handful of years since the GDPR and Convention 108+, we are again experiencing exponential advancements in several areas:

• The volume of personal data able to be processed.
• The speed with which data can be transferred.
• The types of data available concerning individuals.
• The analytical and processing tools being applied to large data sets.

These developments can provide tremendous societal benefits but also raise potentially significant risks to individuals whose data is processed. ?

The North Star(s) we have to guide us – whether with established processing practices, emerging generative or algorithmic artificial intelligence use cases, or advances in processing yet to come – are the established privacy principles reflected in Convention 108 and similar instruments. “Ethical and Responsible AI” discussions on fairness, transparency, accuracy, accountability, and other concepts strongly correlate to “Privacy By Design” and other principles that have formed the foundation of responsible data processing practices for decades.

I am deeply proud to work for an organization that incorporates these concepts in its Privacy and Ethical AI policies and related internal governance practices. We also promote these concepts in the marketplace through offerings such as our FairCheck solution , which helps insurers assess their models for potential unintended bias consistent with methodologies reflected in emerging U.S. insurance regulations and related guidance.

At Verisk, we will be celebrating Data Privacy Day as a new IAPP Diamond Member – which allows us to broaden direct access to privacy best practices and other resources to our team members most involved in data processing and governance, including access to their new AI Governance Center. I’ll also stop by ALM’s Legal Week in NYC to chat about who should be in “The Room Where it Happens” for AI governance and initiatives, and will join one of the emerging issues sessions we provide as a resource to our customers. The session will focus on the evolution of privacy and technology, and how these changes are reflected in emerging legal and regulatory developments.

Happy Data Privacy Day and Data Privacy Week. Here’s to a wonderful and exciting new year for all things privacy!?

Samantha Vaughan is Verisk’s chief privacy officer. She leads the development and implementation of policies that protect the data entrusted to Verisk and helps ensure the integrity of the company’s data practices, regulation, and compliance.