The Recommendations Regarding Data Protection in the Field of Artificial Intelligence – JD Supra

admin on October 2, 2021 Leave a Comment

The Recommendations on Data Protection in the Field of Artificial Intelligence (the "Recommendations") was published by the Turkish Personal Data Protection Authority (the "DPA")1 on its website on 15 September 2021.

The scope of the Recommendations address the Developers, Manufacturers, Service Providers and Decision Makers in accordance with the Law on the Protection of Personal Data numbered 6698 and its secondary legislation (the "Law"). This is the first time that DPA has published a document regarding data protection regarding AI-based applications.

The Recommendations consist of three parts, namely: (i) general recommendations; (ii) the recommendations for developers; manufacturers and service providers and (iii) recommendations for decision makers.

Under the Recommendations the term Artificial Intelligence (the "AI") is defined as the human-specific abilities to be analysed and passed to machines. The AI focuses on creating algorithms and computer software, which can think, interpret and make decisions as humans.

The Recommendations put forward the definitions of Developer, Manufacturer and Service Provider but do not define the Decision Maker. Considering the European Union documents on the issue, we believe that Decision Maker corresponds to the legislative organ and policy makers.

Further while the Developers are introduced as any real persons or legal entities developing content or application for the AI systems whereas the Manufacturers are real persons or legal entities who produce any products such as software and hardware systems that constitutes these systems.

Service Providers are defined as any real people or legal entities who offer a product and/or service using the AI based systems, data collection systems, software or devices under the Recommendations.

Under the General Recommendations section, the importance of protecting fundamental rights and freedoms of real persons whose data are being processed (the "Data Subject") in the process of developing and applying the AIs is emphasized.

In this context, the right to protection of human dignity should be respected and the principles of "compliance with the law, fairness, proportionality, transparency, accuracy and accuracy of personal data, specific and limited purpose of the use of personal data" should be a basis for the AI developments relying on the processing of personal data and data collection.

Considering the individual and social effects of the data processing activity conducted by the AI, the Data Subject should have the control over. The Recommendations include further guidelines on the issue for everyone working in the field.

Regarding AI developments relying on the processing of personal data;

While developing and applying artificial intelligence technologies, if reaching to the same result is possible without processing personal data, the data should be processed by anonymization3.

Pursuant to the Recommendations, an approach that complies with national and international regulations which respects data privacy should be adopted in AI-oriented designs. In addition, Data Subject's rights regarding their personal data arising from both national and international regulations should be preserved.

Together with these, the points below are stressed in the scope of the Recommendations:

This section includes advices for Decision Makers who are working in the field of personal data protection.

Pursuant to the Recommendations, the Decisions Makers should:

This is the first time that DPA has published recommendations regarding AI-based applications. Since EU has been focusing on AI based works heavily, we believe the Recommendations published by DPA is a result of getting under this influence. While considering the DPA's Recommendations, the principles of human agency and oversight; privacy and data governance; transparency; diversity, non-discrimination and fairness and accountability should also be taken into account.

Although the recommendations presented are general and each of them are different matters of debate, this document signals the AI ethics as a rising toping that we can expect to hear more.

Click here to download 'The Recommendations Regarding Data Protection in the Field of Artificial Intelligence' PDF in Turkish.

1 https://www.kvkk.gov.tr/Icerik/7048/Yapay-Zeka-Alaninda-Kisisel-Verilerin-Korunmasina-Dair-Tavsiyeler2 According to the Article 6 of the Law, "personal data relating to the race, ethnic origin, political opinion, philosophical belief, religion, religious sect or other belief, appearance, membership to associations, foundations or trade-unions, data concerning health, sexual life, criminal convictions and security measures, and the biometric and genetic data" are deemed to be special categories of personal data.3 According to the Article 3 of the Law, anonymization is defined as "rendering personal data impossible to link with an identified or identifiable natural person, even through matching them with other data".

Selin Kaledelen (Associate), Elif Engin (Legal Intern)and Deniz Alkan (Summer Intern) of GKC Partners authored this publication.

[View source.]

See the original post:
The Recommendations Regarding Data Protection in the Field of Artificial Intelligence - JD Supra

Related Posts
Posted in Artificial Intelligence

Comments are closed.