The ICO’s AI auditing framework: achieving data protection-compliance when using artificial intelligence

Applications of Artificial Intelligence (AI) are starting to permeate many aspects of our lives. We see new and innovative uses of this technology every day: in health care, recruitment, commerce.

At the Information Commissioner’s Office, we are responsible for upholding information rights in the UK. We understand the benefits that AI can bring to organisations and individuals. But there are risks too.That’s why AI is one of our priorities, and why we decided to develop an AI auditing framework.

The framework will give us a solid methodology to audit AI applications and ensure they are lawful, fair and transparent; and to ensure that the necessary measures to assess and manage data protection risks arising from them are in place. The framework will support the work of our investigation and assurance teams when assessing the compliance of data controllers using AI.

We wanted to share the thinking behind it, that is, to inform organisations about what we think constitutes best practice for data
protection-compliant AI. This talk will take you through our recently published draft guidance.