Enterprises face immense pressure to deliver value with AI. While that means looking for innovative ways to apply the technology, CIOs and other enterprise IT leaders also need to think about its ethical use and risk management. If they ignore that piece of the puzzle, they do so at their peril.
“You’re going to get the trustworthy issues, fairness issues, and then frankly, you’re opening yourself up to some pretty serious losses,” Doug Gilbert, CIO and chief digital officer at Sutherland, a digital transformation company, tells InformationWeek.
As AI regulations continue to roll out and poor outcomes related to the use of AI come to light, businesses face the possibility of fines and lawsuits. Mitigating that risk means defining ethical AI now, integrating that into an enterprise-wide framework, and ensuring it is uniformly applied and upheld.
Defining Ethical AI
It is easy to say ethical AI means “do good” or “do no harm,” but what does that actually look like in practice? It starts with recognizing that there is no one definition of AI ethics.
“It depends on your values, your upbringing, your environment, who you are as a person,” says Helena Nimmo, CIO at IFS, a global enterprise software company. “Trying to get to something that is a common framework is going to be a challenge, and it’s going to take a lot of negotiation.”
But that negotiation can be rooted in basic principles widely recognized as essential to AI ethics: fairness, transparency, accountability, and privacy.
“When you’re looking at what does the ethical framework look like, it doesn’t matter if it is two pages or 100 pages. It has to have those four words, in my opinion,” she says.
Leaders in different industries may have different issues to consider when looking at specific AI use cases. A CIO at a health care organization, for example, may be particularly preoccupied with the privacy aspect of AI. Is the organization doing enough to protect sensitive patient data? A CIO of a manufacturing company, on the other hand, probably thinks a lot about physical safety. Is AI applied in a way that ensures production lines keep rolling and human workers are kept from harm?
Building a Framework
AI ethics can feel quite overwhelming, but CIOs do not need to build an enterprise framework from scratch. They can pull from the multitude of existing frameworks and take cues from the regulations that apply to the jurisdictions in which they operate.
“Companies are building frameworks themselves,” says Nimmo. “They’re picking and choosing and looking at the best.”
Ethics can form the foundation for an enterprise’s overall approach to overall AI governance.
“If you want to have good security in the company and in your policies … you write your policies with security in mind and you live it,” says Gilbert. “AI ethics has become the exact same way; it’s a fundamental pillar and then that fundamental pillar formulates your AI.”
Like security policies, AI policies cannot be created with a “set it and leave it” approach. They need to be revised and updated to keep up with the rapid evolution of the technology.
CIOs must ensure audits are ongoing. Where does the data used to train models come from? Are outcomes unbiased? How did an AI model arrive at its decisions? Are those decisions causing harm? Is the enterprise maintaining data privacy as it uses AI? Are leaders ensuring everyone, themselves included, is accountable to the organization’s ethical AI framework?
As AI becomes more integrated into enterprises, CIOs will find themselves needing to address new issues. Nimmo points to the humanization of AI as an emerging consideration. Enterprises increasingly adopt chatbots and virtual agents and treat them like employees.
“[What if] you notice that one of your virtual colleagues is consistently getting something wrong?” Nimmo asks. “Who do you complain to? Is this an HR issue? Is this an IT issue? How do you deal with that?”
CIOs will need to update enterprise frameworks to address these kinds of questions.
Securing Enterprise Buy-In
An enterprise-wide initiative — whether it is related to security, culture, AI, or all three — starts with the C-suite.
It could be the CIO who spearheads the definition and application of ethical AI, but everyone at the table needs to be a part of the conversation. Enterprise leadership needs to be on the same page about balancing the commercial pressures to deliver results and against the risks of unethical use of AI.
“We all have a responsibility to make sure that we are thinking about these big things,” says Nimmo. “We get paid to think about these gnarly, big challenges.”
Leaders need to engage in stakeholder management to ensure everyone, from senior leaders to new hires, understands how to use AI within the organization’s agreed upon framework. In fact, it is that younger group that Nimmo thinks is particularly important to include in the AI ethics conversation.
“When we’re dealing with really new world-changing technologies, like AI is, bring the younger voices in,” she says. “Listen to what they have to say because they are going to be the ones who will either get the benefits, or not.”
