Canadian organizations implementing artificial intelligence (“AI”)[1] products to process personal information are currently working in a vacuum, with no definitive standards or frameworks to guide them.[2]
However, the Information and Privacy Commissioner of Ontario (“IPC”) recently considered a university’s use of AI in processing sensitive personal information, and in so doing provided recommendations for ensuring the privacy-protective adoption of such technologies. While IPC’s Privacy Complaint Report PI21-00001 (“Report”) is focused on public sector institutions’ obligations under Ontario’s public sector privacy law - the Freedom of Information and Protection of Privacy Act (“FIPPA”) - the Commissioner’s advice and recommendations may be a valuable resource for organizations seeking to implement AI systems in a privacy-protective manner more broadly, regardless of jurisdiction.
Please log in to read the full article.