
AI and Its Implications for Data Privacy

Posted on: August 30, 2023

This article was contributed by the authors of Artificial Intelligence for Marketing Management

  • Lars-Erik Casper Ferm, The University of Queensland, Australia

  • Park Thaichon, University of Southern Queensland, Australia

  • Sara Quach, Department of Marketing, Griffith University, Australia

 

Introduction  

Everything you do generates data. When you like a picture, comment on a post, or connect your accounts to different platforms, you are generating data. Data is “the new oil”, and as such businesses use it to make informed decisions. In fact, data is so powerful that corporations such as Meta and Alphabet (Google) don’t even have a product – your data is the product. The use of data allows us to personalize our experiences, streamline our lives and connect more than ever before – so isn’t this a good thing?

Not exactly. Companies have famously personalized too much. For instance, Target notoriously informed a father his daughter was pregnant before he knew himself, and Amazon’s Alexa provided a user’s transcripts and audio files to the wrong person. In both cases, there was a clear breach of privacy, and both were committed by a form of artificial intelligence (AI). Target and Amazon’s Alexa infringed on customers’ privacy by providing data to someone other than the individual, without that individual’s consent. In these cases, AI used this data to try to generate value, but ended up impeding these people’s right to privacy.

This begs the question: what is AI, and what does it have to do with data privacy? Data privacy can be thought of as the level of perceived control a customer has over the provision of access to, and the use, storage, and dissemination of, their personal data. This definition mainly focuses on people having control over their personal information. As AI is growing at an astounding rate, with 55% of homes in the US using AI voice assistants and people utilizing AI as a mental health assistant, AI’s potential for spreading our sensitive data becomes a greater issue.

 

Types of AI  

First, there are three main types of AI in the marketing domain: 

Natural Language Processing  

Basically, Natural Language Processing takes human language, such as speech and words, and derives meaning from it. NLP is commonly used in voice assistants and chatbots. It has the ability to understand various accents, detect and respond to customer emotions, and establish connections between social media content and customer engagement.  

Machine Learning 

Machine learning uses algorithms and statistics to analyze large amounts of data to identify patterns and improve its performance. Examples of machine learning include predictive text (e.g., your phone autocompletes as you type), chatbots, or medical diagnoses (reviewing medical scans for patient abnormalities). Fundamentally, machine learning allows AI to operate without human intervention, based on its ability to use and learn from data to make decisions.

Deep Learning 

Deep learning utilizes neural networks, similar to the neural systems in human brains, to make decisions. Unlike machine learning, deep learning relies on extensive datasets and multiple layers of data to make informed decisions. For example, self-driving cars need to pull upon a large variety of layers to make informed decisions (e.g., pedestrians, traffic lights, other cars, weather conditions, and street signs). 

These three types of AI often work together (e.g., a chatbot may utilize natural language processing to understand what’s written and machine learning to improve its responses). But it is within these three types of AI that data privacy issues emerge. 

 

So how does AI collect your data? It listens! 

AI relies on data to perform tasks and understand customer needs. This data can come from intentional sources, like when customers provide their personal information, or unintentional sources, where AI collects data without individuals realizing it, such as through facial recognition.  

Since AI can unintentionally gather our personal data without us knowing or wanting it, this data might end up being used in ways not always expected, which goes against our feelings of control and privacy. For example, a couple found that if they spoke about cat food around their brand new phone, they would then receive Facebook advertisements for cat food even though they (a) did not have a cat, and (b) never searched for cat food or anything cat related before that point.

AI algorithms are designed to be intelligent and effective, but sometimes they unintentionally gather information that can raise concerns about privacy if there aren't proper safeguards in place. Consider the example of a fictitious app called "Find my car". When you use this app, you simply take a picture of your car and, later on, the app uses geocodes from that photo to help you locate your car easily. However, even such a simple AI function can have privacy issues. For instance, the app might unintentionally capture people walking in the background, your parking habits could be used by insurance companies if you're getting a plan or making a claim, or the data about your parking and personal information may be stored for longer than you expect.

Video doorbells that contain facial identification provide another example. While these doorbells are meant to recognize your family members or regular visitors, they can also end up collecting information about people who are unrelated to you, without even meaning to. As a result, neighbors might worry about being recorded without their permission, and that law enforcement agencies could access the recorded videos through legal means. All of this raises concerns about how the collected data will be used and where it will be stored.

In summary, AI's data collection practices, both intentional and unintentional, can have implications for privacy and raise concerns about how the data is used, stored, and accessed. 

 

How AI uses this data 

Building on the above types of AI, there are three important aspects of AI in marketing: (1) customer segmentation and targeting, (2) personalization, and (3) customer service. These practices can help businesses improve their marketing strategies and help customers receive value, but they also raise concerns about privacy. Finding the right balance between personalization and privacy is crucial in an AI world.

Customer segmentation + targeting 

Segmentation and targeting in marketing involve dividing customers into groups based on similarities and using that information to develop tailored marketing strategies. This can be based on demographic, behavioral, geographic, or psychographic factors. However, in a digital context, these practices can raise privacy concerns as they may extract or assume sensitive information, such as political affiliations or sexual orientation. Marketers can use AI to segment and target customers more effectively, utilizing machine learning algorithms to analyze large amounts of data and predict customer behavior. While this can lead to highly personalized and impactful marketing, it can also breach customers' data privacy, as demonstrated by the example of Target sending pregnancy coupons to a teenage girl before her own father knew she was pregnant. 

Personalization 

Marketing tries to make experiences personal, but it can be tricky because businesses want customer data while people want their privacy. Sometimes, when personalization is too obvious, it can make people uncomfortable, and they might respond negatively to such content. Urban Outfitters, for example, faced criticism when they personalized their website by gender without asking customers first. It's important to find a balance between personalization and privacy, especially with the use of AI technology that enables tailored experiences. 

AI, specifically DeepFakes, adds more challenges to this issue. DeepFakes use advanced technology to create realistic but fake content, like merging or replacing images, videos, or audio. They can be used to generate personalized media, such as putting your own, or a friend’s, face on a celebrity's body. However, DeepFakes have been misused for creating fake pornography, which causes harm to its victims. The accessibility of DeepFake technology raises concerns about privacy, as even people without much skill can create misleading content that may be used for blackmail or harassment. 

Customer Service 

Customer service in the digital age has been transformed by AI, particularly chatbots. These virtual assistants use machine learning and natural language processing to engage with customers and provide assistance. Although chatbots offer benefits in enhancing customer experience, they face challenges in being widely accepted due to limitations in conversational flow and empathy compared to humans. Privacy regulations like the European Union’s privacy law, the General Data Protection Regulation (GDPR), restrict the collection and use of customer data, requiring the careful handling of information to ensure privacy while optimizing the benefits of AI-driven customer service.

For example, McDonald's introduced a voice-controlled chatbot for its drive-thru services. However, a lawsuit was filed against the company, alleging privacy violations through the recording of voice conversations without consent and the potential repurposing of customer data. The chance for data spillovers (e.g., customer data used for a purpose not intended or communicated) and the lack of transparency regarding data storage further raised concerns. Striking the right balance between privacy and personalization is crucial, requiring consent for data collection and addressing key privacy aspects to ensure successful implementation of AI-driven customer service. 

 

Potential solutions to AI and data privacy 

AI systems, such as machine learning and deep learning models, gather and use a lot of data to learn and improve. However, as technology advances quickly, privacy regulations may not be able to keep up. It's important to find solutions that can protect people's privacy while still benefiting from AI. Below are some proposed solutions: 

Data Value Proposition and Transparency 

A data value proposition is how a company shows customers that it will give them something valuable in return for their data. Research has found that most customers are okay with sharing their personal information if they get something extra in return. For example, a company can offer better customer experiences, personalized recommendations, and let customers have a say in how their data is used. However, more customers are worried about their privacy, with many deleting cookies and avoiding websites that ask for personal information. This makes it even more important for companies to have a strong data value proposition that addresses these concerns and convinces customers that their data will be used responsibly. Being honest and clear about their data value proposition can help companies gain customers' trust and encourage them to share their data, which leads to people sharing more data.

Degree of Personalization 

When users sign up for a service, website or app, they should be able to choose the amount of personalization they want AI systems to generate. Such a solution may satisfy the personalization-privacy paradox, as users can choose how their data is used and for what purpose based on the level of access given. Whilst allowing customers to opt in or opt out (e.g., the notice and choice model) has been argued to solve this paradox, the binary nature of this approach does not provide a holistic perspective that ‘strikes the balance’ of desired personalization, which is unique to each customer. As such, looking at personalization as a continuum would provide a clearer picture. For example, customers may choose between receiving no personalization, receiving minimal personalization (e.g., newsletters), receiving moderate amounts of personalization (e.g., personalized content and segmentation) or receiving complete personalization (e.g., third-party data integration).

Federated Learning 

Federated learning is a privacy-focused approach to machine learning where algorithms collaborate without sharing user data itself. Unlike traditional cloud-based models, federated learning allows devices like smartphones to learn collectively without uploading data to a central server. Instead, a part of the AI's learning is sent to the server (not the data itself, but a summary of what the device learned from it), where it is combined with other devices' learning to improve overall performance. Then, the updated knowledge is sent back to the devices, enabling them to enhance their learning and personalized features. Federated learning offers advantages such as reduced delays, lower power consumption, and decentralized data storage compared to traditional cloud-based models. A practical example of federated learning is Google Keyboard's suggestion tool, which learns from a diverse range of devices without compromising user privacy.

Whilst federated learning is in its early stages, it offers a solution to many of the issues that occur, such as Amazon’s Alexa providing other customers’ data or the question of where data is stored, as per McDonald’s case. As technology advances, decentralization and anonymization of data grow in importance, and federated learning may provide a solution.
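The round trip described above (learn on the device, upload only what was learned, combine on the server, send the result back) can be sketched with federated averaging. This is an added example, not code from the article or from Google's implementation; the one-variable linear model, the device names, the sample data and all function names are constructed for illustration.

```python
# Added illustration of federated averaging; all names and data are constructed.
# Each simulated device fits y = w*x + b on its own private samples.

def local_update(weights, samples, lr=0.05, epochs=5):
    """Run on the device: train from the global weights using private samples.
    Returns only the new weights and a sample count, never the samples."""
    w, b = weights
    n = len(samples)
    for _ in range(epochs):
        grad_w = sum(2 * (w * x + b - y) * x for x, y in samples) / n
        grad_b = sum(2 * (w * x + b - y) for x, y in samples) / n
        w -= lr * grad_w
        b -= lr * grad_b
    return {"weights": (w, b), "n": n}


def aggregate(updates):
    """Run on the server: average the device weights, weighted by sample count."""
    total = sum(u["n"] for u in updates)
    w = sum(u["weights"][0] * u["n"] for u in updates) / total
    b = sum(u["weights"][1] * u["n"] for u in updates) / total
    return (w, b)


def run_federated(devices, rounds=200):
    """Alternate local training and server aggregation for a number of rounds."""
    global_weights = (0.0, 0.0)
    for _ in range(rounds):
        updates = [local_update(global_weights, s) for s in devices.values()]
        global_weights = aggregate(updates)
    return global_weights


# Constructed private data: each device only ever sees its own (x, y) pairs,
# all drawn from the same underlying relationship y = 2x + 1.
DEVICES = {
    "phone_a": [(0.0, 1.0), (0.5, 2.0), (1.0, 3.0)],
    "phone_b": [(1.5, 4.0), (2.0, 5.0)],
    "phone_c": [(-1.0, -1.0), (-0.5, 0.0), (0.0, 1.0), (0.5, 2.0)],
}

if __name__ == "__main__":
    w, b = run_federated(DEVICES)
    print(f"global model after training: y = {w:.3f}x + {b:.3f}")
```

The server in this sketch still receives each device's individual weights; the only thing the exchange withholds is the raw samples.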

 

----------

References: 

In-text wording, followed by hyperlink URL:

  • informed a father his daughter was pregnant before he knew himself
    https://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/?sh=321aa6106668

  • providing a user’s transcripts and audio files to the wrong person
    https://gizmodo.com/the-amazon-alexa-eavesdropping-nightmare-came-true-1831231490

  • with 55% of homes in the US using AI voice assistants
    https://review42.com/resources/voice-search-stats/

  • AI as a mental health assistants
    https://www.washingtonpost.com/world/2021/08/06/china-online-dating-love-replika/

  • determine associations between social media content and how customer’s engage
    https://doi.org/10.1007/s11747-020-00749-9

  • medical diagnoses
    https://doi.org/10.1038/s41467-020-17419-7

  • self-driving cars need to pull upon a large variety of layers to make informed decisions
    https://doi.org/10.1177/1094670520975110

  • This data can come from intentional sources, like when customers provide their personal information
    https://doi.org/10.1177/0022242920953847

  • AI collects data without individuals realizing it, such as through facial recognition
    https://www.huffpost.com/archive/in/entry/artificial-intelligence-systems-unethical-human-bias_in_5e256b92c5b673621f78de5a

  • against our control and privacy
    https://doi.org/10.1007/s11747-016-0495-4

  • a couple found if they spoke about cat food around their brand new phone they would then receive Facebook advertisements for cat food
    https://www.narcity.com/why-you-keep-getting-ads-for-things-youve-talked-about-but-havent-searched-up-online

  • Let's take the example of an app called "Find my car”.
    https://www.nber.org/books-and-chapters/economics-artificial-intelligence-agenda/privacy-algorithms-and-artificial-intelligence

  • and that law enforcement agencies could access the recorded videos through legal means
    https://www.theguardian.com/technology/2019/aug/29/ring-amazon-police-partnership-social-media-neighbor

  • or sexual orientation
    https://iapp.org/news/a/nai-takes-lgbt-stand/

  • Urban Outfitters, for example, faced criticism when they personalized their website by gender without asking customers first
    https://www.nytimes.com/2012/06/24/technology/e-tailer-customization-whats-convenient-and-whats-just-plain-creepy.html?ref=natashasinger

  • DeepFakes have been misused for creating fake pornography
    https://doi.org/10.1038/s42256-021-00417-9

  • due to limitations in conversational flow and empathy compared to humans
    https://doi.org/10.1007/s11747-019-00704-3

  • without consent and the potential repurposing of customer data.
    https://www.zdnet.com/article/i-just-watched-mcdonalds-new-ai-drive-thru-and-ive-lost-my-appetite/

  • Research has found that most customers are okay with sharing their personal information if they get something extra in return
    https://www.mckinsey.com/business-functions/marketing-and-sales/our-insights/a-customer-centric-approach-to-marketing-in-a-privacy-first-world

  • Whilst allowing customers to opt-in vs opt-out (e.g. notice and choice model) has been argued to solve this paradox
    https://doi.org/10.1016/j.jretai.2020.08.003

  • federated learning allows devices like smartphones to learn collectively without uploading data to a central server
    https://ai.googleblog.com/2017/04/federated-learning-collaborative.html

  • Federated learning offers advantages such as reduced delays, lower power consumption, and decentralized data storage compared to traditional cloud-based models
    https://odsc.medium.com/what-is-federated-learning-99c7fc9bc4f5