Editor's note: The IAPP is policy neutral. We publish contributed opinion and analysis pieces to enable our members to hear a broad spectrum of views in our domains.
Last week in Sydney, Australia, the IAPP held its most successful ANZ Summit yet, with over 500 attendees spanning government, legal, finance, software and information technology services, health care, and many other industries. I am particularly pleased to note the highest percentage of New Zealanders attended since the COVID-19 pandemic. Ka pai koutou katoa.
The event delivered truly exceptional thought leadership and discussion, with keynotes from New Zealand Privacy Commissioner Michael Webster, Australian Information Commissioner Elizabeth Tydd, Director Technology at the Human Technology Institute Sally Cripps, and IAPP President and CEO J. Trevor Hughes, CIPP. The keynotes were perfect for setting the tone for the summit, which was defined by several high-level themes.
First, IAPP members are truly starting to grapple with the broader and more complex topic of digital responsibility, which encompasses sub-domains of privacy, ethics, artificial intelligence governance, data governance, cyber security and risk. It is no longer possible for a privacy professional to focus solely on the matter of privacy. They must have a working knowledge, at least, of these other sub-domains.
This evolution of mandate for privacy professionals came up across many sessions, including in relation to the completion of privacy impact assessments, the development of guardrails for managing AI risk, and the need to collaborate more effectively with other subject matter experts.
Second, this broader mandate is impacting the work of privacy regulators, too. Webster and Tydd both spoke about the wider scope of issues they investigate and the need to deliver more guidance to organizations about the adoption of higher-risk technologies, including biometrics and AI. Increasingly, these regulators are focusing on governance, trust and accountability to ensure new technologies are deployed safely and responsibly.
Third, this reliance on organizational and regulatory willingness to lean on soft measures to guide the responsible use of technology — such as guidance, guardrails and voluntary frameworks — is necessary because, as Hughes so eloquently put it, "innovation challenges norms, and the law is a lagging response." For this reason, organizations must ensure trust is built into new technologies. This trust will allow innovation to move faster.
Fourth, as organizations start to deploy AI technologies and tools to make automated decisions, they must remember the human at the center of these processes. While new technologies can increase efficiency, reduce costs and, perhaps, even improve customer experience, they also have the potential to cause harm to people if they are deployed carelessly.
This will require organizations to focus primarily on the impact of decision-making, to ensure that any risks to affected people — such as through bias or hallucinations — are identified and minimized. Due to the risk of automation bias, the old "human in the loop" safeguard may not be enough.
Finally, technology is moving faster than we might realize. A somewhat alarming session on neurotechnology revealed that we are already capable of creating technology that can predict decisions before an individual makes them. Australian Human Rights Commissioner Lorraine Finlay wisely cautioned about the potential for neurotechnologies to be used by state or non-state actors to influence political processes or manipulate people and warned it is crucial to establish regulations and guardrails before the technology develops further or makes its way into consumer products.
There is no doubt that the next few years will bring immense challenges for privacy professionals, and significant potential risks for individuals. Events like the IAPP ANZ Summit are a critical enabler for important discussion to take place, ensuring we can be the voice of reason and responsibility in the face of constant innovation.
Daimhin Warner, CIPP/E, is the country leader, New Zealand, for the IAPP.
This article originally appeared in the Asia-Pacific Dashboard Digest, a free weekly IAPP newsletter. Subscriptions to this and other IAPP newsletters can be found here.
