The IBM Research AI Privacy and Compliance Toolkit helps organizations and researchers develop and deploy machine learning models that preserve privacy and comply with relevant data protection regulations.

Many machine learning models used to tackle the world's most difficult and complex problems need to be trained on personal, sensitive data. But data protection regulations such as the European Union's General Data Protection Regulation (GDPR), the California Consumer Privacy Act and others impose strict obligations and restrictions on the processing of personal data. Examples of these constraints include the need to ask for consent, to collect the minimal amount of data required, and to erase an individual's data upon request.

How is this relevant to machine learning? Recent studies show that a malicious third party with access to a trained ML model, even without access to the training data itself, can still reveal sensitive, personal information about the people whose data was used to train the model, for example through membership inference or model inversion attacks. In fact, a Gartner survey from 2019 cited governance issues, security and privacy concerns, and risks and liabilities as some of the top challenges to AI adoption in the enterprise.

Now that we understand why ML models may themselves be considered personal data, and why data protection regulations are therefore relevant to ML, what are the specific obligations that apply to them?

First, let's look at the training phase. Anonymizing the training data before or during the training process helps ensure that personal information is no longer present in the trained model, and that the model is therefore not subject to the restrictions on personal data processing (a minimal anonymization sketch appears at the end of this transcript). A privacy risk assessment of the trained model may also be required to determine the level of risk incurred in using or releasing it; a simple membership-inference check is likewise sketched at the end.

But protecting the training data alone is not enough. The data minimization principle must also be applied to new data collected for analysis. This principle states that you may collect only the personal data needed for a specific, stated purpose (a feature-selection sketch at the end shows one way to test this). And finally, once the model is in production, you still need the ability to remove individual records from the trained model in response to right-to-be-forgotten requests; the simplest approach, retraining without the erased records, is sketched at the end as well.

Hundreds of fines for the violation of data subjects' rights under GDPR have been imposed by European data protection authorities in the last few years, ranging from a few thousand euros to tens and even hundreds of millions of euros. They include a 14 million euro fine imposed on a German real estate company for storing its customers' personal data indefinitely, without giving them the option to have it removed. Yet most data scientists are not privacy experts and do not know how to comply with these complex regulations.

To solve all these issues, we propose a comprehensive suite of innovative tools that can be easily applied during or after the training process to help ensure the privacy and compliance of the resulting models. This lifts the burden from model developers and lets them concentrate on what really matters to them: a functioning, accurate ML model.

Meet Cynthia, a machine learning expert. She is building a machine learning model to predict customers' purchases in an online retail shop. The retail website asks customers for permission to collect data about their browsing and purchase habits in order to improve their online shopping experience and provide more personalized recommendations.
However, the retailer does not want to collect and store more sensitive personal information than is really needed for this purpose. In addition, some of the shop's customers may later change their minds and ask to have their personal data removed from the website. Ryan, the company's CTO, understands that Cynthia needs help protecting the company from the potentially devastating financial and reputational damage of non-compliance.

Using the AI Privacy and Compliance Toolkit, Cynthia can determine the level of detail actually required when collecting data from customers, and can remove the data of people who request erasure, including their contribution to the company's AI models.

In summary, the AI Privacy and Compliance Toolkit from IBM Research helps create machine learning models that preserve the privacy of their training data and comply with relevant data protection regulations, leaving data scientists free to focus on what they do best: using data to solve real problems. Stay tuned for more videos describing the details of our exciting tools. For more information, contact us at IBM Research Haifa.
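The steps mentioned above can be made concrete with a few minimal sketches. First, anonymization before training: the sketch below coarsens quasi-identifying columns (decade age buckets, ZIP-code prefixes) and suppresses rare combinations, a k-anonymity-style transformation. The column names, the synthetic data, and the threshold k=10 are illustrative assumptions, not the toolkit's actual API.

```python
import numpy as np
import pandas as pd
from sklearn.ensemble import RandomForestClassifier

# Synthetic stand-in for the retailer's customer data.
rng = np.random.default_rng(0)
n = 1000
df = pd.DataFrame({
    "age": rng.integers(18, 80, n),
    "zip_code": rng.choice(["94107", "94110", "10001", "10002"], n),
    "bought_again": rng.integers(0, 2, n),
})

def generalize(df: pd.DataFrame, k: int = 10) -> pd.DataFrame:
    """Coarsen quasi-identifiers, then drop any combination shared by
    fewer than k records, so no rare profile survives in the data."""
    out = df.copy()
    out["age"] = (out["age"] // 10) * 10        # 37 -> 30: decade buckets
    out["zip_code"] = out["zip_code"].str[:3]   # keep only the ZIP prefix
    sizes = out.groupby(["age", "zip_code"])["age"].transform("size")
    return out[sizes >= k]

anon = generalize(df)
X = pd.get_dummies(anon[["age", "zip_code"]])   # one-hot encode for the model
model = RandomForestClassifier(random_state=0).fit(X, anon["bought_again"])
```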
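Second, a crude privacy risk assessment. One well-known signal of memorization is the gap between a model's confidence on records it was trained on and on records it never saw; membership inference attacks exploit exactly this gap. The sketch below measures that gap on synthetic data; real assessments use stronger attacks, so treat this as an illustration only.

```python
import numpy as np
from sklearn.datasets import make_classification
from sklearn.ensemble import RandomForestClassifier
from sklearn.model_selection import train_test_split

X, y = make_classification(n_samples=2000, n_features=20, random_state=0)
X_train, X_test, y_train, y_test = train_test_split(X, y, random_state=0)

model = RandomForestClassifier(random_state=0).fit(X_train, y_train)

def true_label_confidence(model, X, y):
    """Probability the model assigns to each record's true label."""
    proba = model.predict_proba(X)
    return proba[np.arange(len(y)), y]

member_conf = true_label_confidence(model, X_train, y_train).mean()
nonmember_conf = true_label_confidence(model, X_test, y_test).mean()

# A large gap means an attacker who sees only the model's outputs can
# often tell whether a given record was in the training set.
print(f"member confidence:     {member_conf:.3f}")
print(f"non-member confidence: {nonmember_conf:.3f}")
print(f"gap (risk indicator):  {member_conf - nonmember_conf:.3f}")
```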
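Third, data minimization. Before deciding which customer attributes to collect at all, one can check how much predictive power a smaller feature set actually gives up. The dataset and the choice of five features here are stand-ins for illustration, not a prescription.

```python
from sklearn.datasets import load_breast_cancer
from sklearn.feature_selection import SelectKBest, f_classif
from sklearn.linear_model import LogisticRegression
from sklearn.model_selection import cross_val_score

X, y = load_breast_cancer(return_X_y=True)      # stand-in for customer data

# Accuracy with every feature the site could conceivably collect...
full = cross_val_score(LogisticRegression(max_iter=5000), X, y).mean()

# ...versus only the 5 most informative ones. If the gap is small,
# the remaining attributes need never be collected in the first place.
X_small = SelectKBest(f_classif, k=5).fit_transform(X, y)
small = cross_val_score(LogisticRegression(max_iter=5000), X_small, y).mean()

print(f"all 30 features: {full:.3f}   top 5 only: {small:.3f}")
```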
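Finally, right-to-be-forgotten requests. Approximate "machine unlearning" methods exist, but the unambiguous baseline, and the outcome any erasure mechanism must match, is to drop the erased records and retrain. The per-customer record ids below are a hypothetical bookkeeping device, not part of any real API.

```python
import numpy as np
from sklearn.datasets import make_classification
from sklearn.linear_model import LogisticRegression

X, y = make_classification(n_samples=500, random_state=0)
record_ids = np.arange(len(X))          # hypothetical per-customer record ids

model = LogisticRegression(max_iter=1000).fit(X, y)

def forget(erase_ids):
    """Honor an erasure request the simple, provably correct way:
    drop the requested records and retrain from scratch."""
    keep = ~np.isin(record_ids, erase_ids)
    return LogisticRegression(max_iter=1000).fit(X[keep], y[keep])

# Customers 17 and 42 invoked their right to be forgotten:
model = forget(erase_ids=[17, 42])
```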