A Blog by Jonathan Low


Jan 1, 2018

The Challenge of Getting Data's Governance Right

No one trusts anyone to make decisions regarding the use of data. So either tech will take steps to self-regulate to a much greater to degree than they already have - or it will be done for - and to - them. JL

David Zeichner comments in The Guardian:

The public feel anxious about the use to which their personal data may be put, and sceptical of data legislation, particularly regarding issues such as facial biometrics. Difficult ethical puzzles need to be addressed. Some will instinctively mistrust state bodies when it comes to data. Others will be wary of private sector usage.We have seen what happens when innovative technologies are promoted by commercial interests without understanding the trade-offs between risks and benefits.
Data, data everywhere – but will it make our lives better, or put us at risk? In recent months it has become clear that while the opportunities presented by ever-growing data are abundant, so too are the threats. That’s why we need better governance – a set of guiding principles as to how this new technology is used and developed – not least because misuse threatens to turn the public against such innovations.
Data breaches from companies including Uber and Morrisons have made headlines, but the ways in which corporations can use data legally, to develop artificial intelligence (AI) and pinpoint information for their own commercial uses, are less well publicised.
Concerns about the possible military uses of AI have grown to the point that over 20,000 researchers have recently signed a letter warning policy makers of the dangers of autonomous weapons that use algorithms to strike specific targets. A constituent of mine brought this matter to my attention a couple of weeks ago. It is shocking to learn about the relative ease and low cost of developing such technologies. Autonomous drones can be programmed to search for particular characteristics in those they hunt, and be controlled from afar without surveillance – all through data-driven algorithms. If that is what the market is developing, there is a very strong case for much stronger regulation and supervision. We need a code of ethics and governance, not simply for data protection, but to allow society to have a genuine say in how organisations are able to manipulate and utilise our data to their advantage, commercial, political or otherwise. It is, after all, our data, and protecting people must be the priority. Public assurance of the principles behind data legislation is key, and therefore communicating it in a way that people can understand is important. Serious work has been done on these issues, and I welcome the report on data governance recently produced by The British Academy and the Royal Society.
The report covers the context in which data governance needs to be set, and explains the ways in which society is changing and how data policy must take into account the risk of “data-related controversy” and history’s warning tales of how the “widespread adoption of new technologies can increase public anxiety, or result in major public controversy”. It also sets out what it calls principles for data governance, which are “needed to visibly shape all forms of data governance and ensure trustworthiness and trust in the management and use of data as a whole”. Visibility is key: it allows accountability and legitimises any governance laws introduced.
The British Academy and Royal Society consider that the overarching principle of data governance should be “the promotion of human flourishing”. While this may sound a touch idealistic to some, the points that they argue should underpin data governance are sound:
  • Protecting individual and collective rights and interests
  • Ensuring that trade-offs affected by data management and data use are made transparently, accountably and inclusively
  • Seek out good practices and learn from success and failure
  • Enhance existing democratic governance
The report also advocates a new body to steward the data landscape as a whole, rather than just in certain sectors and domains. This would be to support the delivery of data governance in accordance with the principles set out above, and set recommendations for improvement. It would be inclusive in its dialogue, and independent, while being connected to diverse communities.

And there are signs that the report’s suggestions have not gone unnoticed. The chancellor’s budget, rather overtaken by the ongoing Brexit shambles, proposed a new Centre for Data Ethics, a welcome development applauded by industry voice TechUK. However, the funding source for such a centre is not clear, and when I challenged the digital minister as to the relationship between this proposal and the Information Commissioner’s Office, his reply was vague. The government’s description of the proposed centre outlines “a world-first advisory body to enable and ensure safe, ethical innovation in artificial intelligence and data-driven technologies”, but does that have the strength or powers of governance that the data landscape currently needs? The new body could create further issues with its status in relation to the Information Commissioners Office, and it risks running into the problems of insufficient governance clout experienced in recent years by the ICO itself. We need to make sure that the diverse, inclusive and educational governance body envisaged by the Royal Society and British Academy come to fruition – and that it has the power to instigate change.
It is, then, yet to be seen what will be needed to accompany the Data Protection Bill currently making its way through parliament in order to protect citizens from data being used in a way that could cause public harm. As chair of the allparty parliamentary group on data analytics, I have heard from countless organisations campaigning for better civil protections – and from data-driven marketing organisations for whom data is like gold dust, and can be used to unlock business potential. It is unsurprising that the public feel anxious about the use to which their personal data may be put, and sceptical of data legislation, particularly regarding the recent media coverage of issues such as facial biometrics. Just this summer, Big Brother Watch reported that the Metropolitan police proposed trialling the use of cameras with facial recognition software to scan the faces in the crowds at Notting Hill Carnival, supposedly to alert them to people they feared might be out to make trouble. This AI software creates biometric algorithms of facial features. It may well be helpful to the police, but there hasn’t been any parliamentary debate about data being used in this way. The police aren’t doing anything wrong in the eyes of the law but, understandably, this kind of AI makes some people very uncomfortable. Quite apart from that, tech is not the future of proper policing, and current levels of inaccuracy make this approach risky. There are many false positive matches, and it means that innocent people are having biometrics created of their faces, without their permission.

We have therefore, a range of difficult ethical puzzles that need to be addressed. Some will instinctively mistrust state bodies when it comes to data. Others will be wary of private sector usage. The prospect of autonomous weapons being guided by algorithms over which there is no scrutiny should raise concerns everywhere. It is crucial that parliament works with the public to develop better data ethics regulation, and that there is governance that keeps everyone safe.
We have seen before what happens when innovative technologies are promoted by commercial interests without understanding the need for the public to be fully involved in decisions about trade-offs between risks and benefits. With new technologies posing similarly difficult questions, we need the right political and ethical structures to help ensure that everyone benefits. As politicians, it is our duty to develop data governance that keeps people safe and well, before anything else. If big data is to really encourage “human flourishing” and improve both quality of life and of work, it needs to primarily protect the interests of people, not profit.


Post a Comment