Will Cloud-based AI Increase Your Legal Risk?
Disclaimer: The views and opinions expressed in this article are solely my own and do not necessarily represent the views, policies, or positions of my employer or any affiliated organizations. Any analysis or commentary provided here reflects my personal perspective and should not be construed as official advice or guidance from my company.
Right now, every industry, from entertainment to manufacturing, is buzzing about AI—from generative AIs like ChatGPT to AIs analyzing large data sets to spot trends. Everyone hopes to increase customer engagement and design new products or service that put them on the forefront. Without a doubt the use of AI is transforming how we use data and how we work.
Currently, many commercial public cloud providers are leading the charge in AI use, allowing their customers to benefit from AI-based cloud services. Google Cloud, Amazon Web Services, and Microsoft Azure all offer robust AI capabilities to improve users’ engagement, help design better products, or anticipate consumers’ needs before they are even expressed. However, using cloud-based AI may unintentionally put many organizations at legal risk regarding data residency and data sovereignty.
As rights-based control of one’s personal data expands globally, organizations need to be cognizant of what data is being processed and where. Leading the way regarding personal data ownership and control was GDPR in the European Union. However, that is just the tip of the iceberg, as rights-based approaches to personal data continue to expand across regions, nations, states, and even industries. In the U.S.—a host of new data privacy laws going into effect in 2023 across various states may transform how personal data is handled.*1 Given the widespread use of AI-based analysis of personal information and even biometrics—organizations like the Federal Trade Commission are wary of how biases in AI may economically and legally impact private citizens.*2 the courts in every region are already working through exactly how companies, government agencies, and industries can use personal data.
Because there is such value in analyzing and using personal data combined with AI-based cloud services, organizations everywhere seek to gain competitive advantages and build customer loyalty. However, their use may put your company afoul the many laws and regulations regarding how personal and customer data may be used and where it may be stored and processed. Most organizations simply don’t have the legal bandwidth, much less the on-premises computing power, to keep abreast of the constant regulatory changes and AI improvements. Simply put, organizations wishing to benefit from AI and reduce their legal risks around data residency and data sovereignty need solutions for using AI-based cloud services.
Perhaps the easiest and fastest way to benefit from AI capabilities offered by public cloud providers like Google, Amazon, and Microsoft whilst mitigating legal risks is to implement a sovereign cloud. A correctly implemented sovereign cloud acts as a gatekeeper for where your customers and your company’s data is stored and processed and what data can be sent to external cloud services. While the concept is straightforward, the challenge for many organizations will be properly implementing their sovereign cloud. Each region, nation, or state may have different legal requirements for collecting, storing, processing, and using personal data.
Regional providers of sovereign cloud capabilities are the answer. Ideally, these providers should be supported by industry-leading technology providers, too. Broadcom has stepped up to the plate and is leading the charge when it comes to helping companies implement sovereign clouds.
Companies that implement VMware Sovereign Cloud will immediately benefit from:
Ensured Data Privacy and Sovereignty All of your sensitive data, including metadata, remains under sovereign control, preventing compelled access by foreign authorities that could violate data privacy laws.
Boosted Security and Compliance Protect your applications and data against rapidly evolving attack vectors while maintaining continuous compliance with a trusted platform, built-in frameworks, and local experts.
Future-Proofed Infrastructure React quickly to changing data privacy regulations, security threats, and geopolitics. Avoid cloud vendor lock-in with portability for workloads, applications, and data.
Unlocked Data Value Securely share and analyze data with trusted partners to fuel innovation without violating privacy laws. Data integrity is protected to provide accurate insights.
Companies should embrace cloud-based AI services as the next frontier in the digital economy but need to do so in a thoughtful and careful manner as the legal landscape around AI use and personal data rights is constantly developing. The best way to take advantage of AI now while reducing legal risk around data use is to implement a sovereign cloud!
Sources:
1. Reuters. U.S. Data Laws to Enter New Era in 2023. 12 January 2023.