Top 6 Data Management Considerations to Support the Upcoming EU AI Act
Artificial intelligence (AI) is top of mind for today’s enterprises, especially since the advent of ChatGPT and other generative AI innovations. The potential benefits of AI are many, and organizations are already developing new applications to reap the value and improve business outcomes. But now is also an excellent time to consider how AI could be misused and create unintended risk exposure.
Understanding the Potential for Risk with AI
A recent survey by KPMG revealed that 92% of respondents perceive moderate to high-risk concerns with the implementation of generative AI.1 This highlights the need for a thorough review of current practices. Additionally, with sustainability and ESG becoming crucial organizational and worldwide initiatives, the effect of AI on these initiatives is also paramount. For example, ChatGPT-3 usage has already resulted in more than 502 Tonnes of CO2 emissions.2 Organizations must soberly consider these impacts on their business and shareholder value.
The EU Parliament has proposed the European Union AI Act (EU AI Act) after conducting a thorough review of various risk factors.3 The legislation establishes obligations for providers and users based on the risk associated with AI.
The aim of the EU AI Act is to guarantee the safety, transparency, traceability, non-discrimination and environmental friendliness of AI systems used within the EU. This highlights the increasing necessity for proper AI governance.
Organizations are under pressure to plan for mitigating and developing a strong solution to address the risks associated with generative AI. According to a recent survey by McKinsey, only slightly over 20% of companies have risk policies in place for this technology.4
What Is the EU AI Act?
The European Commission has proposed the EU AI Act, the first regulatory framework for AI in Europe. The act's primary goal is to promote trust and assurance in AI. The proposed legislation serves as an indicator of how new AI regulations may unfold. Similar to how the general data protection regulation (GDPR) brought about new privacy laws and requirements, the EU AI Act is anticipated to have a significant and lasting influence on AI's responsible and ethical application.
“On Artificial Intelligence, trust is a must, not a nice to have.”
Margrethe Vestager, Executive Vice-President, A Europe Fit for the Digital Age5
The act requires all EU organizations to perform risk-based classification and regulatory reporting for all its operational AI and machine learning (ML) algorithms, following the classification levels below.
How Can Data-Driven Organizations Prepare for the EU AI Act?
As businesses adjust to comply with the EU AI Act, they must face both internal and external obstacles. Internally, they must navigate through various teams, business units and departments, as well as data silos, to properly govern data and lay a solid foundation for AI algorithms. This includes addressing risk factors consistently and with confidence. The organizational dynamics involved in this process may prove to be more complex than the issue at hand.
Regarding external challenges, organizations face uncertainty regarding the EU AI Act and its measures. Consequently, comprehending the procedures, approaches and strategies to enforce this regulatory compliance will be a significant external challenge for them.
Organizations should be ready to embrace the fundamental principles outlined in the EU AI Act and AI governance. These include transparency, inclusiveness, collaboration, communication, accountability and responsiveness and safeguarding human rights.
For organizations to address AI governance and comply with regulations like the EU AI Act, a good first step is ensuring they have the correct data and foundation for agile, scalable data management.
Here are the six data management considerations to support a data-driven AI governance approach:
- AI/ML and data catalog – Capture and document existing AI/ML algorithms and associated datasets. Determine risk classification for each AI/ML algorithm. Also, determine the process to facilitate future easy cataloging of new AI/ML algorithms.
- Critical datasets (data products) – Identify trusted, reusable critical datasets and democratize them for AI/ML use cases. These can be master/reference/dimensional and related datasets but, over time, can also include commonly leveraged datasets for AI/ML.
- Data quality and observability – Identify data quality for datasets/data products feeding your AI/ML algorithms and trace/monitor essential metrics in an automated fashion.
- Data classification – Classify and document your datasets and attributes. Identify critical processes/policies/regulations to evaluate risk (based on the EU AI Act) and potential impact.
- Metadata and data lineage – Enable your organization to see beneath the covers and understand the metadata and data lineage to determine if there are any loose ends with your AI/ML algorithms beyond the immediate datasets being leveraged.
- AI/ML and data governance – Leverage AI/ML to enable EU AI Act compliance at scale with the proper ownership/stewardship and process management of data and related AI/ML algorithms. A center of excellence (COE )/cross-domain team also supports this by constantly reviewing the organization's data and AI/ML strategies.
Automation – The Secret Sauce
A key challenge to enabling AI governance across the organization is the time and effort needed to identify the suitable datasets for AI/ML to:
- Connect them to the right people, processes and policies
- Classify the data correctly
- Apply and standardize with the right data quality
This means scalability is crucial, even when the initial projects to tackle AI governance and regulation are small.
AI-powered automation is the critical element that enterprises need to scale and provide a rich experience for users and auditors. It allows them to efficiently govern, curate and manage AI/ML algorithms and their associated risks. With automation, organizations can connect and integrate the various data ingredients, such as metadata lineage, classification, data quality and data insights and observability .
What’s Next
Register now to join the brightest minds in cloud, data and AI at Informatica World Tour in London.
Watch How Top CDOs Deliver Outsized Value with Modern Data Governance to learn how you can deliver data-driven outcomes and business insights faster.
1KPMG, Generative AI: From buzz to business value
2Stanford Artificial Intelligence Index Report 2023
3European Parliament News, EU AI Act: first regulation on artificial intelligence
4Quantum Black AI by McKinsey, The state of AI in 2023: Generative AI’s breakout year
5European Commission, A Europe fit for the digital age