A Controller Without Control. Embedded Artificial Intelligence – A Catalyst to Reconsider the Controller/Processor Relationship of the GDPR
Publikation: Bidrag til bog/antologi/rapport › Bidrag til bog/antologi › Forskning › fagfællebedømt
Dokumenter
- Dahi & Corrales (SRRN version)
Indsendt manuskript, 289 KB, PDF-dokument
In the past, AI-devices offloaded their processing to the cloud, clearly implicating the provider of the cloud as either a controller or a processor under the GDPR. Increasingly, however, AI-driven processing is moving away from the cloud. Dedicated AI chipsets embedded in mobile clients and various edge devices now provide on-device predictions. A smart phone can screen for skin melanomas without sending any data to the cloud or app developer, and a bedside patient monitoring system can process locally in the hospital without sending any personal data to the device manufacturer. Such localized processing reveals underlying problems of how responsibility within data protection is allocated. For example, device manufacturers are typically deemed to fall outside the scope of the GDPR. This chapter argues that the current understanding of the controller/processor framework is too narrow. This is demonstrated through various processing scenarios.
Originalsprog | Engelsk |
---|---|
Titel | AI in eHealth : Human Autonomy, Data Governance & Privacy in Healthcare |
Redaktører | Marcelo Corrales Compagnucci, Michael L. Wilson, Mark Fenwick, Nikolaus Forgó, Till Bärnighausen |
Antal sider | 14 |
Udgivelses sted | Cambridge |
Forlag | Cambridge University Press |
Status | Accepteret/In press - 2021 |
Navn | Cambridge Bioethics and Law |
---|
Antal downloads er baseret på statistik fra Google Scholar og www.ku.dk
Ingen data tilgængelig
ID: 241213981