How to get started on responsible AI governance today.

AI For Business


There are many concerns about AI: privacy, security, bias, job security, inequality, and disinformation, to name a few. To ensure that technology remains a driver of positive change and to prevent unintended negative impacts, businesses have an obligation to adopt AI ethically and responsibly.

Yet research shows that many organizations are falling behind in this area. For example, a 2024 Workday report found that only 62% of leaders and 55% of employees expect their employers to ensure AI is implemented responsibly. Leaders need a plan for responsible AI governance that protects privacy and personal data, maintains user well-being, mitigates bias, and promotes transparency. Read on to learn how to get started.

What does the law say about responsible AI?

While it is true that technology is advancing far faster than governments can keep up with it, legislation is also on the way. Already in early 2024, the EU passed an Artificial Intelligence Act, providing a regulatory and legal framework for AI. No doubt there will be more legislation on the way, both in the U.S. and around the world.

Michael Bennett, an AI business expert and researcher at Northeastern University in Boston, suggests that leaders can take action now by looking to existing laws on privacy, consumer protection, and personal protection. “In many cases, the laws addressing these issues are over 100 years old,” he notes. “We can look to existing laws that have already been tested in these and other areas outside of AI to address emerging AI issues.”

One thing is almost certain: AI laws will get complicated. “We'll definitely see more regulation of AI — city ordinances, state laws, new federal laws,” Bennett says. “The US is never going to be like the EU. It's unlikely we'll have one comprehensive framework anytime soon. Instead, we'll see more regulatory complexity that will be very complicated to deal with.”

What leaders need to do now for responsible AI governance

Companies can't afford to wait for new AI laws or policies to develop responsible AI governance plans. They need AI now to stay competitive, and they need to develop and deploy it responsibly to avoid major headaches once the regulatory environment catches up.

Some companies are already working to provide responsible AI governance frameworks that other organizations can use as a starting point. “We’re not waiting for regulation to be finalized,” says Kelly Trindell, chief responsible AI officer at Workday. “We’re investing heavily in responsible AI because we know it’s not only the right thing to do, but the smart thing to do.”

To get started on responsible AI, consider the following action items:

1. Research existing frameworks and guidelines. If you're just getting started with responsible AI, look to recently developed best practice frameworks. The NIST AI Risk Management Framework is a good starting point, and many industry associations have also published their own industry-specific guidelines and best practices, says Trindel. You can also see how companies are adopting these frameworks and best practices. Take a closer look at what's already out there and note how existing guidelines can help your organization.

Also consider your organization's existing technology guidelines and practices around privacy and data governance. Perhaps some of your current governance structures and processes can be adapted to guide responsible use of AI.

2. Build a cross-functional and accountable AI governance team. As AI-related laws are enacted, organizations will need to ensure compliance and build teams to ensure that their use of AI is ethical and in line with the goals of responsible AI use and all legal and regulatory requirements.

“Going forward, companies will have to deal less with abstract internal concepts of what privacy and transparency mean and more with clearly defined obligations for regulatory compliance,” Bennett says. “This shift will require them to create and maintain cross-functional teams that include specialists with expertise in AI law, ethics and data science, all working together in harmony.”

For example, Workday has a dedicated Responsible AI team that includes data scientists, social scientists, and DevOps experts focused on driving a responsible AI by design approach to the business. The team coordinates cross-functional collaboration with product, engineering, user experience, legal, and data privacy experts and reports to the Chief Legal Officer.

Workday has separate reporting lines to ensure independence in ethics review and efficiency in product development. “We also have a cross-functional Executive Advisory Board that meets monthly to guide responsible AI building into our technology from the design stage and advise on edge cases in AI development that may not yet be considered in our core governance,” says Trindel.

3. Determine the risks associated with your intended use of AI. EU AI law categorizes the risk of AI into four levels, ranging from unacceptable uses (such as social scoring or manipulative AI) to high-risk and minimal-risk uses, with different regulatory rules applying to each category.

Leaders can use the AI ​​Act's risk classification as a starting point to develop an internal risk assessment process based on their organization's unique business needs. Trindel notes that Workday has taken this approach when crafting its responsible AI policies and practices, relying heavily on frameworks provided by both the EU AI Act and the NIST AI Risk Management Framework. Such frameworks outline risks and mitigation strategies in the areas of safety, accountability, human oversight, transparency, and fairness.

4. Manage AI risks. Once you understand the risks associated with each use case of AI in your organization, create a strategy to appropriately mitigate and manage those risks.

“Just because it's risky doesn't mean we won't do it,” Trindell says. “We just have different guardrails in place internally.” Cathy Pham, vice president of AI at Workday, adds: “The risk framework helps inform decisions about what to build and how to use a responsible AI by design approach to avoid unintended consequences and build trust in the technology. We think this is similar to how we've prioritized security, privacy, and integrity by design. This approach will help us continue to advance AI innovation for our customers in a safe and ethical way.”

5. Choose an AI vendor that focuses on responsible and ethical AI. Trindell said both organizations that develop AI tools and those that deploy them play a key role in responsible AI, which he describes as a “shared responsibility ecosystem.” Leaders adopting AI within their organizations should ensure they are investing in AI vendors that have a focus on responsible AI, including strong controls around privacy and security.

AI can be a powerful tool for positive change, provided business leaders develop and deploy the technology thoughtfully, with high ethical standards and a smart governance plan. Leaders must act now to ensure that AI benefits their organizations and society at large, and to prevent major disruptions when more inclusive AI laws are implemented around the world.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *