Model building and feature selection will require engineers and designers to be aware that the choices made about grouping or separating and including or excluding features as well as more general judgments about the reliability and security of the total set of features may have significant consequences for vulnerable or protected groups.

Principle 2 – Privacy & security

The privacy and security principle represents overarching values that require AI systems;

throughout the AI System Lifecycle; to be built in a safe way that respects the privacy of the data collected as well as upholds the highest levels of data security processes and procedures to keep the data confidential preventing data and system breaches which could lead to reputational, psychological, financial, professional, or other types of harm.

AI systems should be designed with mechanisms and controls that provide the possibility to govern and monitor their outcomes and progress throughout their lifecycle to ensure continuous monitoring within the privacy and security principles and protocols set in place.

3 The security and protection blueprint of the AI system, including the data to be processed and the algorithm to be used, should be aligned to best practices to be able to withstand cyberattacks and data breach attempts.

4 Privacy and security legal frameworks and standards should be followed and customized for the particular use case or organization.

5 An important aspect of privacy and security is data architecture; consequently, data

6 security mechanisms for de identification should be planned for the sensitive or personal data in the system.

Data privacy and security protect information from a wide range of threats.

3 Designers and engineers of the AI system must exhibit the appropriate levels of integrity to safeguard the accuracy and completeness of information and processing methods to ensure that the privacy and security legal framework and standards are followed.

They should also ensure that the availability and storage of data are protected through suitable security database systems.

4 All processed data should be classified to ensure that it receives the appropriate level of protection in accordance with its sensitivity or security classification and that AI system developers and owners are aware of the classification or sensitivity of the information they are handling and the associated requirements to keep it secure.

4 All processed data should be classified to ensure that it receives the appropriate level of protection in accordance with its sensitivity or security classification and that AI system developers and owners are aware of the classification or sensitivity of the information they are handling and the associated requirements to keep it secure.

1 Privacy and security by design should be implemented while building the AI system.

security mechanisms should include the protection of various architectural dimensions of an AI model from malicious attacks.

2 The AI system should be secure to ensure and maintain the integrity of the information it processes.

Furthermore, appropriate measures should be in place to ensure that AI systems with automated decision making capabilities uphold the necessary data privacy and security standards.

1 After the deployment of the AI system, when its outcomes are realized, there must be continuous monitoring to ensure that the AI system is privacy preserving, safe and secure.

3 Establishing a set of standards and protocols for assessing the reliability of an AI system is necessary to secure the safety of the system’s algorithm and data output.