BCS raises concerns about AI and GDPR
08:00 Wednesday, 03 November 2021
UK Cyber Security Council
The British Computer Society (BCS) spoke up in October 2021 to voice concerns about the UK government’s intentions to revise its version of the General Data Protection Regulation (GDPR) – a concept that is presently the subject of a DCMS consultation. The BCS’s specific worry concerns an Article within the law that is highly relevant to a key skill in the cyber security – Artificial Intelligence (AI).
Article 22 is entitled “Automated individual decision-making, including profiling”, and states: “The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her”. This means that people can insist that where a computer is making decisions – which of course happens increasingly using AI algorithms these days – they have the legal right to demand that the decision be reviewed by a human being.
The BCS is concerned that the review of the UK’s data protection legislation will erode this right, at least in part, and has called upon the government to retain Article 22 for the moment, while (in its words) “AI is still in its infancy”.
More information about the BCS’s view, which includes more in-depth discussion of the clauses of Article 22, is on the Society’s web site.