Notes |
Elizabeth M. R.
Global Policy Counsel, Evernym
Washington, District Of Columbia
Connect Connect with Elizabeth M. R.
More actions
Evernym, Inc. Harvard University
Harvard University
See contact info
See contact info
See connections (500+)
500+ connections
Experienced attorney (NY & DC), consultant, policy advisor, writer, and frequent public speaker. Expertise in digital and self-sovereign identity, blockchain and cryptocurrencies, privacy and data protection (CIPP/US, CIPP/E), artificial intelligence and machine learning, and emerging technologies.
Articles & activity
2,369 followers
GDPR Compliance in the Age of Robots
Elizabeth M.’s profile photo
Elizabeth M. R.
Published on LinkedIn
As we approach the May 2018 implementation deadline for compliance with the EU's General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), I cannot help but wonder what compliance with privacy and data protection laws and regulations will look like in an age of increasing automation and intelligent machines. Specifically, I've been thinking about how emerging technologies like artificial intelligence (AI), machine learning, deep learning, and blockchain and other distributed ledger technologies (DLT) will transform, and potentially even outpace, attempts at compliance. Whereas compliance in the age of big data has traditionally focused on quantitative challenges, these technologies will present qualitatively new challenges for complying with laws like the GDPR. Take, for example, the right of access (and the related notion of transparency), a foundational and essential element of nearly all data protection schemes and fair information privacy practices worldwide. Article 15 of the GDPR enshrines this right of access and stipulates the information to be provided to a data subject requesting access to his or her data, including "the existence of automated decision-making, including profiling . . . and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject." Moreover, Article 12 of the GDPR requires a data controller to provide information requested by a data subject in a "concise, transparent, intelligible and easily accessible form, using clear and plain language." Finally, in the context of automated decision-making, Article 22 provides that the data subject must have "at least the right to obtain human intervention on the part of the data controller, to express his or her point of view and to contest the decision." While access rights are not a new concept, giving them effect may be increasingly complicated in the face of emerging technologies that manage our personal data. For example, how will data controllers provide data subjects with "meaningful information about the logic involved" in technology products and services that depend on complex algorithms, advanced cryptography, and things that technologists and computer scientists themselves cannot even explain, as in the case of deep neural networks (DNNs) and other deep learning tools that teach themselves? And, even if they were able to explain how these technologies work, how will data controllers provide the information in "clear and plain language" as required by the GDPR? Will a domain-specific language be enough? Or does the solution lie in a totally new paradigm for data ownership and another emerging technology like blockchain where the concepts of "data controller" and "data subject" may be rendered meaningless? Finally, how will we give effect to the human intervention requirement in an age of AI and robots? These are just some of the questions I'll be exploring in the lead up to May 2018.
19 Likes 6 Comments
Like
Comment
Share
See all articles
View Daniel’s profile
I'm agreeing with you :)
Elizabeth M. replied to a comment
1 Like
View Jules’ profile
Great opportunity with an organization doing important work.
Elizabeth M. shared this
2 Likes
No alt text provided for this image
How exciting Sam!
Elizabeth M. commented
1 Like
See all activity
Experience
Evernym, Inc.
Global Policy Counsel
Company NameEvernym, Inc.
Dates Employed2018 – Present
Employment Durationless than a year
Self-sovereign identity; trust frameworks; blockchain
IOUze
Advisor
Company NameIOUze
Dates Employed2018 – Present
Employment Durationless than a year
CULedger
Advisor
Company NameCULedger
Dates Employed2018 – Present
Employment Durationless than a year
Ouroboros LLP
Principal
Company NameOuroboros LLP
Dates Employed2017 – 2018
Employment Duration1 yr
LocationWashington D.C. Metro Area
Blockchain, cryptocurrencies, emerging tech; privacy & data protection
Civic Technologies
General Counsel
Company NameCivic Technologies
Dates EmployedJul 2017 – Oct 2017
Employment Duration4 mos
LocationSan Francisco Bay Area
Digital identity; blockchain & cryptocurrencies
Show 5 more experiences
Education
Harvard University
Harvard University
Degree NameAB Field Of StudyGovernment, Classics
Dates attended or expected graduation 2002 – 2006
Vanderbilt University
Vanderbilt University
Degree NameJD
Dates attended or expected graduation 2007 – 2010
London School of Economics and Political Science
London School of Economics and Political Science
Degree NameMaster of Laws (LLM) Field Of StudyIntellectual Property Law, Cultural Property Law
Dates attended or expected graduation 2012 – 2013
Townsend Harris High School
Townsend Harris High School
|