acm-header
Sign In

Communications of the ACM

BLOG@CACM

Fair AI Practices


View as: Print Mobile App Share:

A new technology, broadly deployed, raises profound questions about its impact on American society. Government agencies wonder whether this technology should be used to make automated decisions about Americans. News reports document mismanagement and abuse. Academic experts call attention to concerns about fairness and accountability. Congressional hearings are held. A federal agency undertakes a comprehensive review. Scientific experts are consulted. Comments from the public are requested. A White House press conference is announced. A detailed report is released. The centerpiece of the report is five principles to govern the new technology.

The year is 1973. And the report Records, Computers, and the Rights of Citizens provides the foundation for modern privacy law. The report sets out five pillars for the management of information systems that come to be known as "Fair Information Practices." The report will lead directly to the passage of the 1974 Privacy Act, the most comprehensive privacy law ever enacted in the United States. To this day, Fair Information Practices, developed by a commission led by computer scientist Willis Ware, remains the most influential conceptions of privacy protection.

Fast forward 50 years later. The Blueprint for an AI Bill of Rights is announced by the Office of Science and Technology Policy. The 2022 report marks a turning point in U.S. AI policy, and like the 1973 report, follows a familiar trajectory.. That is too soon to assess. But many of the criticisms are far off the mark. Like the "Rights of Citizens" report,  the AI Bill of Rights set out no new rights.  And like the 1973 report, the recommendations in the Blueprint requires action by others. But the most remarkable parallel is the five principles at the center of both reports. The "Rights of Citizens" report set out the Fair Information Practices:

  1. There must be no personal data record-keeping systems whose very existence is secret.
  2. There must be a way for a person to find out what information about the person is in a record and how it is used.
  3. There must be a way for a person to prevent information about the person that was obtained for one purpose from being used or made available for other purposes without the person's consent.
  4. There must be a way for a person to correct or amend a record of identifiable information about the person.
  5. Any organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for their intended use and must take precautions to prevent misuses of the data.

The 2022 Blueprint stated:

  • Safety and Security - You should be protected from unsafe or ineffective systems.
  • Fairness and Equity - You should not face discrimination by algorithms and systems should be used and designed in an equitable way. 
  • Data Protection and Privacy by Design - You should be protected from abusive data practices via built-in protections and you should have agency over how data about you is used.
  • Transparency and Explainability - You should know that an automated system is being used and understand how and why it contributes to outcomes that impact you.
  • Accountability and Human decision-making - You should be able to opt-out, where appropriate, and have access to a person who can quickly consider and remedy problems you encounter.

The Fair Information Practices allocated rights and responsibilities in the collection and use of personal data. The 2022 Blueprint has set out "Fair AI Practices," allocating rights and responsibilities in the development and deployment of AI systems. This could well become the foundation of AI policy in the U.S.

In the years ahead, it will be interesting to see whether the AI Bill of Rights occupies a role in American history similar to that of the 1973 "Rights of Citizens" report. But at the outset, one point is certain: the similarities are striking.

 

Marc Rotenberg is the founder and president of the Center for AI and Digital Policy (CAIDP). He is the editor of the AI Policy Sourcebook and served on the OECD AI Group of experts.


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account