Digital Privacy AI (trust + data protection) / GDPR

Question 1

What is AI ?

Answer 1

Machine based system that can do predictions, recommendations and decisions using machine and human inputs (performs tasks in similar ways to human)
=> AI is limited for certain tasks

Question 2

AI risks

Answer 2

Misbehavior of AI
Bias
Abuse of AI systems by humans
Black box algorithms

Question 3

EU artifice intelligence act (AI act)

Answer 3

1st law to regulate AI systems
Risk based approach

1. Unacceptable risk (social scoring)
2. High risk (specific requirements for risk management)
3. Limited risk (transparency obligation)
4. Low risk (exempt from regulation)

Question 4

What makes AI more reliant?

Answer 4

Transparency and reliability

Question 5

Problems of Black box algorithms ?

Answer 5

opaque AI systems, no information about how AI takes decisions and actions

Question 6

Solution of Black box algorithms ?

Answer 6

Explainable AI (XAI):

=> makes AI more transparent by providing clear explanations of their decisions => transform into glass boxes
=> Transparency helps users to understand how AI models work (improving performance and building trust)

Question 7

EU digital strategy

Answer 7

1. Technology in the interest of humanity
2. Democratic and sustainable society
3. Fair and competitive economy

Question 8

Trust is distinguished by

Answer 8

Control
Cooperation
Confidence
Predictability

Question 9

Propensity

Answer 9

tendency to trust based on experience (gender, age, cultural background)

Question 10

Key factors influencing trust

Answer 10

Performance
Process
Purpose

Question 11

Trust definition

Answer 11

bridge in the relationship between a truster and a trustee, in a function to reduce complexity (heuristic) and include a willingness to take risks

Question 12

Digital Trust radar tool (DTR)

Answer 12

filters and access specific guidelines on responsible and trustworthy AI

Question 13

Data privacy

Answer 13

protects our personality and fundamental rights (foundation of our democracy)

Question 14

Data protection

Answer 14

Data relating to an identified or identifiable natural person

Question 15

Processing should be:

Answer 15

lawful
appropriate
proportional
transparent
accurate

Question 16

Consent must be given…

Answer 16

voluntarily and explicitely

Question 17

High risk in data processing

Answer 17

arises from the use of new technologies (in particular concerning sensitive personal data, health ethnicity)

Question 18

Data Protection Impact assessment (DPIA)

Answer 18

=> tool for evaluation on data processing
=> analyzes documents and evaluates data processing and its risks to identify and reduce them
=> contains measures to protect privacy and fundamental rights

Question 19

Data compliance

Answer 19

refers to law, regulations and industry standards related to data privacy
=> ensures that data is collected, stored, processed and transmitted in a secure and ethical manner (respecting rights to privacy)

Question 20

Core GDPR principle

Answer 20

Data protection by design & by default

=> ORG should implement technical and organizational measures to makes sure that systems and processes are designed around data privacy

Question 21

Condition of data processing

Answer 21

when there is lawful basis allowing the processing of the data OR data subject gives clear affirmation of consent (revocable at any time)

Question 22

Why documentation requirements ?

Answer 22

data collection and processing must be documented
=> allow ORG to maintain overview of where personal data is used (which system and the reason)

Question 23

companies processing personal data systematically should nominate a..

Answer 23

data protection officer (DPO)

Question 24

Roles

Answer 24

Data subject (interest in the protection of data)
Data controller (set purpose and means of the processing)
Data processor (processes on behalf of the controller)

Question 25

Processing

Answer 25

any operation performed on personal data

Question 26

GDPR regulates ?

Answer 26

regulate the processing and using of personal data of European citizens

Question 27

Personal data

Answer 27

Any information relating to an identifiable or identified natural personal