Follow us on:
Perspectives

Articles tagged with: IT Consequences

El Reglamento General de Protección de Datos y la IA

Thursday, 15 September 2016 Maria Jose de la Calle Posted in iTTi Views

"Todo interesado tendrá derecho a no ser objeto de una decisión basada  únicamente en el tratamiento automatizado, incluida la elaboración de perfiles, que produzca efectos jurídicos en él o le afecte significativamente de modo similar". Artículo 22, párrafo 1 del Reglamento (UE) 2016/679[i].

* * 

En el pasado mes de abril el Consejo de la Unión Europea y el Parlamento Europeo sancionaron el nuevo Reglamento General sobre Protección de Datos -Reglamento (UE) 2016/679 de 27/04/2016- que entró en vigor el 24 de mayo y que será de aplicación obligatoria en todos los países de la Unión a partir del 25 de mayo de 2018[ii]. 

Según una encuesta del Eurobarómetro[iii] realizada a principios del año 2015, el 81% de los europeos -el 85% de los españoles- dicen estar preocupados por no tener un control completo sobre la información facilitada a través de Internet, y un 69% -el 64% de los españoles-, por el posible uso que las empresas puedan hacer de los datos cedidos. 

Uno de los objetivos del Reglamento es el de permitir a los ciudadanos de la UE recobrar el control de sus datos personales. 

Para ello las normas recogidas en dicho Reglamento vienen a reforzar los derechos ya establecidos en la anterior directiva de 1995, con el derecho a la portabilidad de datos (artículo 20); aclaración del "derecho al olvido" (artículo 17) o el derecho a saber si los datos en poder de organismos o empresas han sido hackeados (artículo 34); además de facilitar el acceso a los datos propios en poder de terceros y a la forma en que éstos los traten. 

Concretamente, en el artículo 15 ("Derecho de acceso del interesado"), párrafo 1, apartado h, se establece que "[e]l interesado tendrá derecho a obtener del responsable del tratamiento confirmación de si se están tratando o no datos personales que le conciernen y, en tal caso, derecho de acceso a los datos personales y a ... la existencia de decisiones automatizadas, incluida la elaboración de perfiles, a que se refiere el artículo 22, ", artículo con el arrancaban estas reflexiones. 

Además, en el artículo 4 ("Definiciones"), apartado 4, se define la "elaboración de perfiles" como "toda forma de tratamiento automatizado de datos personales consistente en utilizar datos personales para evaluar determinados aspectos personales de una persona física, en particular para analizar o predecir aspectos relativos al rendimiento profesional, situación económica, salud, preferencias personales, intereses, fiabilidad, comportamiento, ubicación o movimientos de dicha persona física;". 

Hasta ahora, un tratamiento automatizado era completamente predecible en su comportamiento. No había más que seguir el código (programa informático) escrito al efecto y los datos de entrada que lo alimentaban, para conocer cómo trataba los referidos datos y cuál sería el resultado que se obtendría. Una máquina se programa indicándole instrucción por instrucción lo que debe realizar. A partir de ahí, salvo errores de funcionamiento, ella hará, únicamente, aquello para lo que se la ha programado. Más que decirle "qué debe hacer", se le dan una serie de instrucciones sobre "cómo debe hacerlo".

Consecuentemente, informar de cómo se ha llegado a un perfil determinado a partir de ciertos datos personales, y de las consecuencias previstas para el interesado, no parecen aspectos que impliquen una excesiva complejidad. 

Sin embargo, la llegada de la Inteligencia Artificial (IA) hace que esto esto comience a no resultar tan evidente (al menos de momento)[iv].

La IA podría definirse como un conjunto de algoritmos que, en mayor o menor medida, realizan sus funciones sobre la base de un reconocimiento del mundo natural y de un aprendizaje derivado de su interacción con aquel.

Dependiendo de los datos con los que se alimente a un sistema de IA y de su entrenamiento con humanos, los cuales evalúan su forma de actuar -evaluación que recoge la máquina como otro dato de aprendizaje-, dicho sistema será capaz de conducir un automóvil o un avión; de realizar una operación financiera, o un diagnóstico médico y sugerir el pertinente tratamiento; de recomendar la contratación de una persona para realizar una actividad dentro de la empresa, etc. 

Pero a diferencia de lo que ocurre en la programación tradicional, la programación de un sistema de IA busca decir QUÉ debe hacer. El CÓMO lo haga y sus resultados dependerán, en primer lugar, del entrenamiento que se le haya proporcionado; esto es, de los datos con los que que se le haya alimentado y de los expertos que lo hayan dirigido. En segundo lugar, cuando en un momento dado se le solicite llevar a cabo una determinada acción, el cómo la realice dependerá de los datos que le lleguen. Se trata de un modo de funcionamiento no determinista.

Esto supone que el hecho de poder informar de la lógica de una elaboración de perfil, si se ha hecho con IA, no siempre resultará posible (por ahora). Ello, aparentemente, puede resultar un poco raro ya que la IA no deja de ser una herramienta hecha por humanos; aunque estos no siempre la entiendan. Todo ello supone un reto para los investigadores en Inteligencia Artificial, ya que "los algoritmos no sólo tienen que ser eficientes, tienen que ser transparentes y justos"[v]. 

"Los algoritmos pueden hacer sistemas más inteligentes, sin embargo, sin añadir un poco de sentido común a la ecuación, pueden producir algunos resultados extraños." Stephen F. DeAngelis, Presidente and CEO de Enterra Solutions.[vi]

* * *

Este artículo fué publicado originalmente por ComunicacionesHoy, nº 155, 24-08-2016. Referencia: Regulación/ Opinión, pg.13 – "El Reglamento General de Protección de Datos y la IA" – María José de la Calle.  

----------------------------------------

[i] A lo largo del texto aparecen citados distintos artículos del Reglamento General sobre Protección de Datos, que se puede consultar en url [a 16-07-2016]   http://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1473958690793&uri=CELEX:32016R0679 

[ii] "Reform of EU data protection rules". European Comission/ Justice. url [a 16-07-2016] http://ec.europa.eu/justice/data-protection/reform/index_en.htm  

[iii] Eurobarómetro, Comisión Europea. Mar 2015. url [a 16-07-2016] http://ec.europa.eu/public_opinion/archives/ebs/ebs_431_fact_es_es.pdf 

[iv] Cade Metz, 11 Jul, 2016, "Artificial Intelligence Is Setting Up the Internet for a Huge Clash With Europe". Wired. url [a 16-07-2016] http://www.wired.com/2016/07/artificial-intelligence-setting-internet-huge-clash-europe/?mbid=nl_71116_p3 

[v] "algorithms are not merely efficient, but transparent and fair." Bryce Goodman, Seth Flaxman, 28 Jun, 2016. "EU regulations on algorithmic decision-making and a “right to explanation”". url [a 16-07-2016] http://arxiv.org/pdf/1606.08813v1.pdf 

[vi] "Algorithms can make systems smarter, but without adding a little common sense into the equation they can still produce some pretty bizarre results." Stephen F. Deangelis, 2014. "Artificial Intelligence: How Algorithms Make Systems Smart". Wired. url [a 16-07-2016] http://www.wired.com/insights/2014/09/artificial-intelligence-algorithms-2/ 

 

On the Impact of the Internet on Whistleblowing

Sunday, 31 May 2015 Manolo Palao Posted in iTTi Views

Some people act according to their ethical / social / political beliefs and they act that way in spite of the costs and risks that such an attitude might entail. 

The behavior of many of them deviates often from their declared ideals, but in other cases it is pretty consistent. 

Occasionally, the price they pay is high and sometimes so high that —if publicly known— they are considered heroes, prophets or martyrs. 

If their sets of beliefs and their actions collide with the interests of the establishment, they are often proscribed as revolutionaries or criminals. 

But public opinion (except in non-democratic societies) is not monolithic and –for this reason­– individuals considered criminals by certain groups may be considered saints by others. 

The Internet (in those societies where it has already become a commodity) grants a powerful tool easy to use, with low-entry barriers, to propagate activism and hacktivism and is a field of operations for black and white hats.  

The ease of use and relative anonymity / impunity of the Internet may be a new mean for whistleblowers (who previously used the post or the newspapers) but it is hard to accept that it fosters the disclosure of wrongdoings. 

A different story is the strong pull effect of cases like WikiLeaks or Snowden.

The media (and in particular the group of syndicated newspapers that covered the WikiLeaks case) played a significant role, providing / increasing WikiLeaks’ legitimacy and meant an awakening for millions of citizens. 

And this cooperative relationship / reinforcement media-whistleblowers is apparently frequent, with its ups and downs. 

Prof. Gabriella Coleman [i] from McGill University, who has researched for years the cultures of hacking and digital activism, covers that issue —among many others— in an interesting book [ii], reporting a visit to the Canadian Security Intelligence Service (CSIS), the Canadian equivalent of the CIA, emphasized the role of the press. 

Mr. Ben Wizner [iii], Director of the Speech, Privacy, and Technology Project at American Civil Liberties Union, takes a similar stance [iv].

The current amplifying effect of the media and social networks is amazing. 

Bruce Schneier [v] has estimated [vi] that 700 million people modified their behavior as a result of Snowden’s disclosures, even if the mainstream media coverage was limited and biased by sorting out and publishing only the less technical issues.

* * *

----------------------------------

[i] http://gabriellacoleman.org  http://en.wikipedia.org/wiki/Gabriella_Coleman 

[ii] “The joke opened the door to further conversation concerning the media's central role in amplifying the power of Anonymous. One CSIS agent shared his anger at the media for making this collective of collectives more powerful than they ought to have been. I was, I have to admit, relishing the fact that the G-men and Anons, mutually opposed at one level, were nevertheless (very loosely) allied in holding an ambivalent attitude toward the mass media. We all agreed that the media had helped to make Anonymous what it was today” [emphasis, mine].  Coleman, G. (2014). Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous ISBN 9781781685839. Introduction. “I did it for the lulz”. 

[iii] https://www.aclu.org/bio/ben-wizner  

[iv] “So I think the journalists play a very, very vital role. Now I think that they have played that role extremely responsibly. I haven't heard of a single case where a journalist reporting on the Snowden documents has done so without first consulting with the governments that are most relevant and would be most affected.” Retrieved 20150531  from https://www.youtube.com/watch?v=0_AtTPh_ySo&feature=youtu.be&t=42 

[v] https://www.schneier.com 

[vi] “And running the numbers, I calculated that 700 million people on this planet have changed their behavior because of the Snowden documents of the NSA's activities. Now, maybe they didn't really change their behaviour very much, maybe it wasn't effective, but I can't think of another issue that changed the behaviour of 700 million people on this planet”. Retrieved 20150531  from https://www.youtube.com/watch?v=9F6gc8ToXjA&feature=youtu.be 

 

Digitization: Opportunities, Threats and Company Models

Sunday, 17 August 2014 Manolo Palao Posted in iTTi Views

The MIT Center for Information Systems Research (CISR) has recently published another Research Briefing [i] with partial disclosures of results of the ambitious research project on next-generation businesses, directed by Prof. Weill [ii],[iii]. 

The project is “trying to understand what the next generation enterprise will be like in five to seven years.” Its “key insight” is that “businesses have the opportunity to move from value chains to ecosystems”, thus replacing the old seminal Porter’s paradigm [iv]. A business ecosystems being “a coordinated network of enterprises, devices, and consumers that creates value”. 

This concept of ‘business ecosystem’ is an update or generalization, from a digital perspective, of the ‘extended enterprise’ concept [v]. Ecosystems are companies that are “e.g., more networked, with more shared information and feedback loops”. “Ecosystems typically have two kinds of players: drivers, who set the rules; and participants…” .

The project maps in a 2x2 grid (Fig. 1) the variety of business models of the 30 (large) companies studied. Its horizontal axis is the continuum of business designs ranging from ‘value chain’ to ‘ecosystem’. Its vertical axis is the depth of knowledge the company has of its end consumer, continually growing from none, little and partial to complete.

Captura de pantalla 2014-08-17 a las 14.45.29 

  (The quotations [“ “] above are from Weill 2013, those following are from Weill    2014 ).

Digitization offers important opportunities to enterprises and entails risks. The most significant opportunity is probably that “it can leverage a strong customer relationship and increase cross-selling opportunities”. “… the threats are often real and immediate … in this newly digital multichannel world … enterprises in other industries that had relationships with their customers and were able to offer competing products and services.” More about this, below. 

The project has identified the critical issues that characterize the impact of digitization in a company. They are presented as a 7 questions questionnaire, all questions weighing the same. They refer initially to the company’s “bestselling product or service” but should be further applied to the remaining products / services. 

Five of the questions are about the current or future ‘digital nature’ of the product / service: can it be digitally specified, searched, ordered, delivered, improved, or made more valuable? A sixth one is whether it can be replaced with an alternative digital offering. And the seventh is about the risk of other industries -having access to your own customers- deciding to offer it.

Fifty-five percent (55%) within a group of over one hundred executives scored over 70%: “… significant [“red-zone”] impact from digitization. … 67% of respondents said they were experiencing a red-zone level of threat from enterprises in other industries that had relationships with their customers and were able to offer competing products or services…” (e.g.: financial services provided by other sector’s vast networks). 

The project has identified “two very interesting trends”. The first one is a “movement [first] up and [then] to the right” (Fig. 1). It is expected that there will be one Ecosystem Driver per sector (retail, financial services, healthcare, etc.) [vi]. The second trend is “around Modular Producers … “[Where] we expect to see the top one to three players dominate in each niche…”.

Each of the four next-generation enterprise models shows different relative performances (as measured along 3 indicators: time to market, profitability and revenue growth). 

Ecosystem Drivers are the best performers on time to market and revenue growth. Omnichannels are the leaders on profitability. 

* * * 

--------------------------------------------------

[i] (Weill 2014). Weill, P. and Woerner, S. L.  Digitization: Threat or Opportunity? MIT Sloan CISR Research Briefing, Vol. XIII, No. 4, April 2013. Retrieved 20140815. May require registration. 

[ii] How Digitization is Driving the Next-Generation Enterprise. Retrieved 20140815.

[iii] (Weill 2013). Weill, P. and Woerner, S. L. The Next-Generation Enterprise: Thriving in an Increasingly Digital Ecosystem, MIT Sloan CISR Research Briefing, Vol. XIII, No. 4, April 2013. Retrieved 20140815. May require registration.

[iv] Porter, M. E. (1985). Competitive Advantage: Creating and Sustaining Superior Performance. New York.: Simon and Schuster. Retrieved 20140815.

[v] Extended enterprise. Retrieved 20140815. 

[vi] The Weill 2014 briefing comments on the Spanish-based bank BBVA (a CISR Sponsor) efforts to become an Ecosystem Driver.

 

Publícitis

To find out more about the cookies we use and how to delete them, see our privacy policy.

I accept cookies from this site.
EU Cookie Directive plugin by www.channeldigital.co.uk