Could we be processing sensitive data?
This page is a fallback for search engines and cases when javascript fails or is disabled.
Please view this card in the library, where you can also find the rest of the plot4ai cards.
Could we be processing sensitive data?
- According to art. 9 GDPR you might not be allowed to process, under certain circunstances, personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data or data concerning a person’s sex life or sexual orientation.
- You might be processing sensitive data if the model includes features that are correlated with these protected characteristics (these are called proxies).
If you answered Yes then you are at risk
If you are not sure, then you might be at risk too
Recommendations
- If you need to use special categories of data as defined in the GDPR art. 9, then you need to check if you have the right lawful basis to do this.
- Applying techniques like anonymisation might still not justify the fact that you first need to process the original data. Check with your privacy/legal experts.
- Prevent proxies that could infer sensitive data (especially from vulnerable populations).
- Check if historical data/practices might bias your data.
- Identify and remove features that are correlated to sensitive characteristics.
- Use available methods to test for fairness with respect to different affected groups.