Skip to main content

Privacy and data protection

Instruction and application
Complete

Understanding ethical frameworks is only part of responsible AI. You also need to comply with privacy legislation and implement practical controls to protect personal data.

The importance of data privacy

AI systems rely on large datasets to detect patterns and automate decisions. If data is collected, processed or stored poorly, organisations face serious risks including breaches, identity theft, surveillance misuse, legal penalties and loss of trust.

Why AI poses unique privacy risks

  • AI processes large, often multi-source datasets, which makes privacy failures harder to detect.
  • Many systems continuously learn and adapt, so privacy controls must be maintained over time.
  • AI can infer sensitive attributes users never explicitly provided.
  • AI is increasingly used in high-impact sectors such as healthcare, finance and law enforcement.

Organisations that ignore privacy-by-design principles face both regulatory and reputational harm.

Key privacy regulations

The following frameworks are especially relevant for UK-based teams:

1) UK GDPR (2016, retained in UK law)

UK GDPR governs lawful, fair and transparent processing of personal data and includes seven key principles:

  • Lawfulness, fairness and transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

2) Data Protection Act (2018)

This complements UK GDPR and reinforces data subject rights, including:

  • Right to be informed
  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object

3) EU AI Act (2024)

The EU AI Act introduces a risk-based AI governance model and principles including human-centricity, safety, fairness, transparency, accountability, robustness and data governance.

Risks of non-compliance

Failure to comply can lead to major financial penalties, enforced remediation and long-term reputational damage.

Examples of privacy violations in AI

These cases show that privacy incidents often emerge when business objectives outpace governance and safeguards.

Privacy-preserving techniques in ML

Federated learning

What it is

  • Model training occurs on local devices; only model updates are shared centrally.

Benefits

  • Reduces need for centralised storage of raw personal data.
  • Enables collaborative learning while improving privacy.

Risks

  • Model updates can still leak information if poorly protected.
  • Malicious participants may try to infer sensitive data or poison models.

Example

  • Google Gboard improves typing suggestions without uploading raw user text.

Differential privacy

What it is

  • Adds calibrated noise to outputs so individual records cannot be reliably identified.

Benefits

  • Provides measurable privacy guarantees for aggregate analysis.

Risks

  • Too much noise can reduce utility; tuning requires care.

Example

  • Voice assistant analytics can be aggregated while reducing re-identification risk.

Anonymisation and pseudonymisation

What it is

  • Anonymisation removes identifiers irreversibly; pseudonymisation replaces direct identifiers with reversible mappings.

Benefits

  • Enables safer sharing and analysis of sensitive datasets.

Risks

  • Re-identification can still occur via linkage attacks if controls are weak.

Case study: Federated learning in Gboard

Federated learning allows model updates to be trained on user devices and aggregated centrally without storing raw keystrokes on servers. This reduces central breach impact and supports privacy-first personalisation. Similar approaches are being explored in healthcare and finance for sensitive multi-party learning.

Reference: McMahan et al., 2017.

Balancing data utility and privacy

There is often tension between accessibility and security. Good practice balances both:

  • Minimise collection and retention to what is necessary.
  • Use strong access controls and least-privilege permissions.
  • Conduct privacy impact assessments before high-risk processing.
  • Reassess controls when systems or regulations change.

DPIAs for AI/ML projects

A Data Protection Impact Assessment (DPIA) helps identify and mitigate privacy risk before harm occurs.

What makes a good DPIA

  • Clear scope and data-flow mapping
  • AI-specific risk identification (re-identification, model inversion, bias)
  • Strong controls (technical and organisational)
  • Transparency and decision documentation
  • Ongoing review and updates

What makes a poor DPIA

  • Superficial checkbox compliance
  • Vague scope and generic risk statements
  • Missing safeguards and weak evidence
  • No maintenance after go-live

Tip

Treat DPIAs as a continuous governance process, not a one-time document.

If you want to explore practical methods for assessing ethical data use, review the Open Data Institute Data Ethics Canvas.

Action item: Quiz

Scenario: You are the AI ethics officer for an e-commerce company. A new recommendation engine plans to combine purchase history, browsing data and external social media signals for personalisation.

Question 1 of 1
What is the most privacy-responsible first step before deploying this system?
  • A. Launch quickly and add controls after customer feedback
  • B. Conduct a DPIA and minimise data collection to only what is necessary
  • C. Store all user data indefinitely to improve model accuracy
  • D. Share raw data broadly so all teams can optimise recommendations
Correct Answer: B

Feedback: A DPIA plus data minimisation provides an early legal and ethical control point before high-risk processing begins.