BackHarming users’ data privacy
Harming users’ data privacy
Risk Domain
AI systems that memorize and leak sensitive personal data or infer private information about individuals without their consent. Unexpected or unauthorized sharing of data and information can compromise user expectation of privacy, assist identity theft, or cause loss of confidential intellectual property.
"Modern AI systems rely on large amounts of data. If this includes personal data about individuals, the risk of harming the privacy of persons arises."(p. 9)
Entity— Who or what caused the harm
Intent— Whether the harm was intentional or accidental
Timing— Whether the risk is pre- or post-deployment
Other risks from Schnitzer2024 (24)
Inadequate specification of ODD
7.3 Lack of capability or robustnessHumanUnintentionalPre-deployment
Inappropriate degree of automation
7.2 AI possessing dangerous capabilitiesAI systemUnintentionalPost-deployment
Inadequate planning of performance requirements
7.3 Lack of capability or robustnessHumanUnintentionalPre-deployment
Insufficient AI development documentation
7.4 Lack of transparency or interpretabilityHumanOtherPre-deployment
Inappropriate degree of transparency to end users
7.4 Lack of transparency or interpretabilityHumanOtherPre-deployment
Choice of untrustworthy data source
7.0 AI System Safety, Failures & LimitationsHumanUnintentionalPre-deployment