GDPR questions and answers

GDPR: QUESTIONS AND ANSWERS

Category:
IT Security

Does GDPR permit training AI models on personal data?

ANSWER

There is no general prohibition. Any processing of data must be carried out for a specific purpose

and on a defined legal basis. Processing must comply with the principles set out in Art. 5 GDPR, including the requirement of necessity in relation to the given purpose.

A model does not store data itself, only a certain representation of it in the form of weights. However, among the risks identified are the phenomena of ‘memorisation’ and ‘regurgitation’, as well as attacks on the model that may be used to reconstruct data used for training (e.g. membership inference attacks, model inversion attacks – links in the reference materials).

Another aspect concerns the transfer of personal data to the system provider, who may subsequently use that data for training purposes. Here too, the applicable principles and legal bases must be borne in mind. In addition, the transfer of data to the provider may be treated as a change of purpose, which means that the requirements of Art. 6(4) GDPR must be satisfied.

In summary, it may be necessary to, among other things:

  • define a specific purpose and assign an appropriate legal basis (most commonly

    Art. 6(1)(f) GDPR following a balancing test),
  • conduct a DPIA (Art. 35 GDPR) taking into account the risks of memorisation and inference attacks,
  • apply privacy-by-design measures at the data collection and training stages, such as dataset filtering, pseudonymisation, differential privacy, or federated learning,
  • regulate the issue of reuse of data by the provider and satisfy the requirements of Art. 6(4) GDPR in the event of a change of purpose,
  • ensure transparency towards data subjects and readiness to fulfil their rights.

Read also:

Receive a free package of 4 tutorials and 4 e-learning trainings
The controller of your data is ODO 24 sp. z o. o.