AI & Privacy by Bhatia Punit & Chivot Eline

Author:Bhatia, Punit & Chivot, Eline
Language: eng
Format: epub
Publisher: Ek Advisory
Published: 2021-04-07T16:00:00+00:00

Here as well, good practice involves mapping data flow. It is likely that the data will remain in the bank but in case data flows to a third party, that needs to be highlighted. Further, you may need to collect additional information for processing such as the information loan applications include.

Human Control

Clarifying the level of human control of your loan process is key. A simple option can be to provide a message and button to the applicant customer, saying something such as: “Applications are processed based on our automated loan simulation. If you would like this to be reviewed manually, please make a request by clicking the below button.”

Transparency and Explainability

Writing a privacy statement or notice that explains what personal data is collected, what is done with it, who is it shared with, and why, can help you comply with this principle. A bank would have the privacy statement available on its website, but additionally making it available as a link when submitting data can go a long way when ensuring transparency. Have external parties (including a pool of users) and expert audits review whether the statement makes sense from a user and legal perspective.

Time and storage limitation

Deciding about how long to keep collected data is both interesting and challenging because applying this principle involves many banking laws, which requires interpretation.

Purpose Limitation

A good way to comply with this principle is by making sure that users’ personal data is lawfully processed and not used for secondary purposes without their consent. For example, you may want to be explicit on how their personal data is being used, if it is collected to later be used as part of loan applications and their processing e.g., there may be follow up emails to persuade customers to apply for a loan and this would be a choice based on consent.

Proportionality

You should ensure that the data you enlist while evaluating loan applications is necessary to provide the service and its purpose. For instance, you may need to know the age of the customer, but not the age of his or her relatives; you may need to include the place where he or she is born as a variable, but you should not include the color of his or her skin.

Non-discrimination and Fairness

To ensure your algorithm does not unfairly discriminate, make sure that decisions are not based on parameters such as the user's gender, age, ethnicity, or by providing justification if they are (after all, age is a common factor driving both human and automated decisions when it comes to granting loans).

Responsibility

Making sure that your algorithm “behaves responsibly” is a challenging task. A simple and easy way to address this can be ensuring the algorithm will be fed the minimal amount of data that is necessary instead of relying on the broader wealth of consumer data that a bank may have. If any data about the customer's credit history or if other data is needed, make sure to inform the consumer.

Security

Banks typically have strong technical and organizational measures in place for banking operations.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.