Artificial intelligence (AI) is a part of everyday life. Daily schedules are organized using voice assistants. Streaming services offer recommendations for movies to watch. AI helps manufacturers create new and better products. It can also be used to predict and prevent the spread of bushfires.
In a world where AI is everywhere, it is crucial to have corresponding governance and compliance processes in place. This helps ensure transparency, address personal privacy and data privacy considerations, and fosters a commitment to ethical AI.
The discourse surrounding AI ethics and governance has advanced in recent years, and governments and international organizations have begun issuing principles, frameworks and recommendations accordingly:
- Singapore issued the Model AI Governance Framework, a sector-, technology-, scale-, business model- and algorithm-agnostic framework that converts relevant ethical principles to practices that can be implemented throughout an AI deployment process. This enables organizations to operationalize the principles.
- The Australian government released the AI Ethics Framework that guides organizations and governments in responsibly designing, developing and implementing AI.
- The European Commission proposed what would be the first legal framework for AI, which addresses the risk of AI and aims to provide AI developers, deployers and users with a clear understanding of the requirements for specific uses of AI.
- The University of Turku (Finland), in coordination with a team of academic and industry partners, formed a consortium and created the Artificial Intelligence Governance and Auditing (AIGA) Framework, which illustrates a detailed and comprehensive AI governance life cycle that supports the responsible use of AI.
There are several elements that the mentioned AI governance frameworks and principles have in common. These components can be used by an organization to inform its own AI governance strategy.
Internal Governance Structures and Measures
First and foremost, effective AI governance requires that internal organizational structures, roles and responsibilities, performance measures and accountability be defined for the outcomes of the AI systems. It is important to understand how AI technologies can inspire innovation within the organization and maximize productivity and return on investment (ROI). It is equally important to consider the ethical aspects of AI technology (i.e., privacy), since as advancements in AI continue to be made, it is likely that a point will be reached during which computers will be able to program themselves and absorb even more vast quantities of new information. Similarly, ever-increasing use of AI in the privacy domain has enabled organizations to collect data on individuals including their shopping patterns, social media posts, location information and more. Because of the highly sensitive nature of this information, organizations must define clear roles and responsibilities pertaining to AI, encompassing all staff, from senior management to middle management and developers. Personnel should be made aware of the ethical and governance considerations of AI and be provided with the resources and guidance needed to discharge their duties pertaining to AI governance and ethics.
Human Involvement
Organizations must take a risk-based approach to ensure that humans have a say in AI-augmented decision-making. A critical aspect of any AI system is that it benefits individuals, society and the environment. AI systems should respect the dignity, privacy, diversity and autonomy of individuals. Systems should be inclusive and accessible and should not involve any unfair discrimination against individuals, communities, or groups.
Operations Management
Any mature AI governance framework should address the operational management of AI. Organizations must ensure that AI systems respect and uphold privacy rights and data protection to ensure the security of data. Enterprises should also be able to identify potential security vulnerabilities and implement resilience measures that are proportionate to the magnitude of potential risk, to fare better against adversarial attacks. AI systems should be monitored and tested to ensure that they continue to meet requirements without compromising the ethics and governance of the organization.
Stakeholder Interaction and Communication
It is important for any AI governance framework to address transparency in communication with all relevant parties—including but not limited to employees and stakeholders—so that they can understand when they are being significantly impacted by AI. There should be a timely process to allow people to challenge the use or outcomes of the AI system. Organizations should develop a policy for governing AI and communicate with customers and stakeholders about how AI works, its expected outcomes and benefits, and how it is used to make decisions that impact customers.
Conclusion
As AI technologies evolve, ethical and governance issues will do so in tandem. Enterprises can reap considerable benefits by committing to ethical AI. Such a commitment can enhance trust in the product or brand, drive consumer loyalty and help prevent negative experiences with AI-enabled services. At the same time, governments need to engage with the community and clarify how AI is developed and used. Organizations must ensure alignment and compliance of their respective AI governance models and frameworks with international standards such as the International Organization for Standardization (ISO) standards and guidelines, best practices, and respective laws and regulations. Organizations need to engage with competent auditors and assessors periodically to assess the effectiveness of governance and management of AI systems.
Hafiz Sheikh Adnan Ahmed
Is a futurist and technology/information security leader with more than 17 years of experience in the areas of information and communications technology (ICT) governance, cybersecurity, resilience, data privacy and protection, risk management, enterprise excellence and innovation, and digital and strategic transformation. He is a strategic thinker, writer, certified trainer, global mentor and advisor with proven leadership and organizational skills in empowering high-performing technology teams. He is a certified data protection officer and earned Chief Information Security Officer (ACISO) of the Year awards in 2021 and 2022, granted by GCC Security Symposium Middle East and Cyber Sentinels Middle East, respectively. Ahmed is a public speaker and conducts regular training, workshops, and webinars on the latest trends and technologies in the fields of digital transformation, information and cybersecurity, and data privacy. He volunteers at the global level of ISACA® in different working groups and forums. He can be contacted through email at hafiz.ahmed@azaanbiservices.com and LinkedIn at https://ae.linkedin.com/in/adnanahmed16.