Skip to main content

Responsible data collection and usage

Instruction and application
Complete

You have already explored legislation, privacy controls and ethical frameworks. This lesson focuses on how those ideas apply when you collect and use data for AI and ML.

Why data ethics matters

AI models are only as good as the data they learn from. Biased, incomplete or irresponsibly collected data produces systems that skew decisions, discriminate and erode trust with users and regulators.

Ethical collection is not about gathering as much data as possible. It is about ensuring data is lawful, proportionate, representative and high quality for the problem you are solving.

Key principles for ethical data collection

Legitimate interests (UK GDPR)

Under UK GDPR, Legitimate Interests can be a lawful basis for processing when the processing is necessary and abalancing test shows that your interests are not overridden by individuals' rights.

  • You must still be transparent: explain what you collect, why and how AI uses it.
  • Provide this in plain language (for example a concise privacy notice linked at the point of collection).
  • Users retain rights including the right to object to Legitimate Interests processing. Your notice should say how to exercise that right.Example: A health app processes aggregated biometric signals for service improvement. It should state the purpose, why processing is necessary, and how users can object, even when data is aggregated or pseudonymised.

Diversity and representativeness

Datasets should reflect the real world across the dimensions that matter for the use case:

  • Demographics such as age, ethnicity, geography and socioeconomic context where relevant.
  • Temporal bias: training on an unusual period (for example heavy lockdown travel data) can misrepresent “normal” behaviour.
  • Geography: models trained mainly on urban data may fail or act unfairly in rural contexts.
  • Features: missing or underrepresented variables produce incomplete models.

Representation is not one-off: monitor datasets and model performance as populations and behaviours change.

Proportionality (data minimisation)

Collect only what you need for the stated purpose. Over-collection increases privacy risk and breach impact.

Example: A fitness tracker should not harvest contact lists or browsing history if those are irrelevant to its purpose.

The risks of poor data collection

Car insurance and the ethnicity penalty

Postcodes and similar proxies can correlate with protected characteristics. If pricing models lean on such proxies without careful fairness analysis, people in some areas can face higher quotes despite similar risk profiles.

Health care algorithm favouring white patients

Using past health care costs as a proxy for need can encode systemic access inequalities. Lower historical spend does not always mean lower clinical need.

Google Translate gender bias

Web-scale training text reflects societal stereotypes. Without debiasing and evaluation, models can map occupations to gendered language in harmful ways.

Unity ad targeting error

Faulty customer demographic and behaviour data flowed into ML pipelines, reportedly causing major revenue impact and costly recovery work.

Key point

In each case, harm or loss came from data that was a poor proxy, unrepresentative or low quality. You are responsible for ensuring training data is fit for purpose, collected lawfully and assessed for bias.

Strategies for identifying and mitigating bias

Dataset audits

A dataset audit reviews quality, completeness, consistency and compliance. Organisations should audit training data for disparities across race, gender, geography and socioeconomic groups. On a new project, start with exploratory analysis and escalate gaps you find.Example: If a résumé screener rejects one group at higher rates, audits can reveal biased labels or skewed sampling.

Reweighting and resampling

Reweighting adjusts sample weights so underrepresented groups contribute more during training (for example weight 9.0 on a 10% class). Watch for overcorrection harming the majority.Resampling balances classes by oversampling the minority or undersampling the majority. Duplicates, synthetic data or dropped rows each carry reliability risks.

Transparency in data labelling

Human labels drive many models. Reduce label bias with:

  • Clear guidelines and a stable schema.
  • Diverse, trained annotators and inter-rater checks.
  • Periodic audits of labelled data against the schema.

Data quality and integrity in ethical ML

Strong practice includes:

  • Accuracy from the start: validated types, correct columns, reliable labels.
  • Representation across the population and contexts the model will serve.
  • Source documentation: provenance, licences and ethical sourcing.
  • Fair collection methods: avoid skewed convenience samples where they create bias.
  • Processing transparency: documented cleaning, joins and feature engineering.
  • Versioning and traceability: which dataset version trained which model.
  • Auditability: lineage and reproducibility so third parties can verify fairness claims.

Case study: discriminatory diagnostics

A widely used skin cancer model underperformed on darker skin because training images skewed toward lighter skin tones. Underrepresentation led to misdiagnosis and delayed care. See NCBI for further discussion.

Why this matters

High-integrity, representative data is the foundation of fair, reliable models. Without it, technical sophistication cannot undo bad inputs.

Storage, retention and disposal

AI systems often hold sensitive financial, health, biometric and communications data. Weak storage becomes a breach magnet.

Key point

Use defence in depth: encryption, access controls, least privilege, logging and anonymisation or pseudonymisation where appropriate.

Protecting data from unauthorised access

Role-based access, MFA, separation of duties and tight controls on exports (including email and removable media) reduce insider and external risk.

Secure storage and backups

Maintain encrypted backups in resilient environments. Many organisations blend on-premises and cloud storage while meeting regulatory requirements.

Encryption

Common patterns include AES-256 for data at rest andTLS for data in transit. Email is often a weak channel; avoid sending sensitive training data as attachments when secure transfer is available.

Example: 2017 Equifax breach

A known vulnerability left systems exposed, affecting tens of millions of people. The case underscores patching, segmentation, monitoring and incident readiness—not only “AI model” risk but platform hygiene.

Purpose-driven retention

Retain data only as long as needed for the stated purpose and legal requirements. Excess retention increases breach blast radius.

  • Periodic data audits check accuracy, relevance, security and compliance.
  • Automated retention schedules delete or archive data on policy.
  • User-controlled deletion: for example Google auto-delete controls.

Example: 2019 Facebook / FTC order

Long retention and weak controls around third-party access contributed to a landmark penalty and new restrictions. Define retention periods and enforce them with automation where possible.

Ethical disposal when data is no longer needed

Poor disposal enables recovery and misuse. Common approaches:

MethodRoleCaveat
Soft deleteReversible tombstone for operationsNot sufficient for full erasure requests
Cryptographic erasureDestroy keys so ciphertext is unreadableNeeds strong crypto and key governance
Secure overwriteReplace data with random patternsCan be slow; SSD wear-levelling complicates guarantees
Physical destructionShred drives for highest sensitivityCostly; impractical for pure cloud abstractions

Example: 2020 Morgan Stanley OCC matter

Inadequate erasure before decommissioning hardware reportedly allowed recovery of customer data, illustrating why secure destruction processes must be operational, not aspirational.

Action item: Quiz

Question 1 of 2
What is temporal bias in dataset collection?
  • A. Using too many features in a model
  • B. Letting data from an unusual time period dominate training so it no longer reflects typical behaviour
  • C. Encrypting time-series data incorrectly
  • D. Collecting data only from mobile devices
Correct Answer: B

Feedback: If a narrow window (for example a crisis period) is not representative of normal operations, models can learn the wrong “baseline”.

When relying on Legitimate Interests under UK GDPR, what must organisations do before processing?
  • A. Obtain explicit consent for every processing activity
  • B. Publish model weights publicly
  • C. Perform a balancing test and document why interests are not overridden by individuals' rights
  • D. Avoid providing a privacy notice if data is anonymised
Correct Answer: C

Feedback: Legitimate Interests requires necessity and a documented balancing test, plus transparency and objection rights.