What will the GDPR mean for ML applications?

Where: Foo Cafe, sign-up via meetup.com

When: Mon 12 Jun 2017 at 17.45 (Malmö/Stockholm time)

Machine Learning (ML) applications can fall under the scope of a wide variety of legal regimes. For example, several fields from intellectual property (notably copyright, database and patent law, as well as the IP-related field of trade secret protection), tort (liability for damages caused by ML driven applications), anti-discrimination, privacy (Art. 8 ECHR) and/or data protection law might be applicable. In this talk I will focus mostly on data protection law. Data protection law applies if the application processes data that are related to an identified or identifiable person. While some ML applications fall outside this scope (for example, an ML application making predictions about the weather and air pollution using general sensor data as its input), there is an immense amount of ML applications that does fall under the scope of data protection. On 24 May 2016 the highly anticipated new EU Data Protection law (General Data Protection Regulation 2016/679, replacing Directive 95/46/EC) entered into force; this new law will be applicable (and enforceable with rather large fines!) from 25 May 2018. In this talk I will focus on some of the basic concepts from data protection law that are relevant for ML (e.g., data subject, data controller, profiling, profile transparency, purpose specification and use limitation, legal ground for the processing, anonymization/pseudonymization) and on the changes that are brought about by the new GDPR. Depending on whether there is any time left and on the specific interests of the audience we can also discuss some other legal fields. This could include making some links to previous talks about ML, for example in relation to self-driving cars. Here we can discuss issues such as (a) the need to study ML applications in real life-settings where people interact, pervert, anticipate, fool around etc. with the technology; (b) liability issues: who “pays” (both in terms of civil and criminal liability) if a self-driving car causes damages?; and (c) IP issues: regulation at EU level that all companies have to share their collected data, but how realistic is it?

Our speaker is Katja de Vries, she is a legal researcher and philosopher of technology affiliated to the Centre for Law, Science, Technology, and Society (LSTS, Vrije Universiteit Brussel, Belgium) where she currently works on the EU funded CANDID project (Checking Assumptions aND promoting responsibility In smart Development projects)

17:45 - meet & greet 18:00 - What does GDPR mean in the aspect of ML applications? (part 1) 18:45 - pizza & break 19.10 What does GDPR mean in the aspect of ML applications? (part 2) 20:00 - 20: 30 end - mingle


444 Words

2017-06-12 17:45 +0200