Taking place on March 12 and 13 at Park Plaza, Riverbank, London, PrivSec & GRC Connect London provides a platform for organisations to address the cumulative nature of risk.

PrivSec & GRC Connect London’s comprehensive agenda is led by subject matter experts, business chiefs and industry leaders, giving attendees a deep-dive into challenges and solutions on the rapidly evolving GRC landscape. 

Session panellist, Emma Green is the Managing Partner of Cyber Data Law Solicitors. In the role, she drives improvements and ensures the implementation of data protection and cyber security global programs for clients and organisations. 

In her PrivSec & GRC Connect London session, Emma will discuss how organisations can harness the power of AI responsibly and ethically. Below, she answers questions on her professional journey and introduces the debate’s key issues.

Could you outline your career pathway so far?

Over the years I have fallen into roles rather than following a specific path. What started out as working in IT on tech helpdesks morphed into becoming a Lotus/Domino technical trainer, co-authoring an IBM Redbook then 10 years training and consulting for Hewlett Packard’s products which then morphed into cyber security and data protection and ultimately into AI.

John Green (same name no relation) is a senior solicitor specialising in cyber security and data protection and it seemed the perfect synergy of Tech and Law, so after working together for a number of years in our consultancy firm setting up a law firm was the natural next step.

I am now the managing partner of a rapidly expanding global law firm specialising in compliance frameworks such as cyber, data protection, PECR and AI.

We work both proactively preparing such things as global compliance frameworks, contracts and training and reactively with such things as first responders to cyber-attacks, legal representation against regulators or defending litigation. We are very passionate about we do and the service we offer our clients.

What are the big challenges that generative AI poses to AI governance?

Challenges in integrating generative AI encompass ethical concerns, including inadvertent bias and inappropriate content generation, requiring careful oversight and robust content filtering.

Overfitting, producing outputs closely tied to training data, poses difficulties in balancing specificity and generality. Limited computational resources, especially for smaller organizations, hinder effective utilization.

Lack of explainability and interpretability in complex generative models hinders trust in critical sectors like healthcare or finance. Furthermore, security vulnerabilities expose generative AI to adversarial attacks, necessitating ongoing research for robust security measures.

Legal and regulatory issues arise, demanding compliance with evolving standards in data privacy, intellectual property, and responsible AI use. Dependency on training data quality and biases necessitates careful curation and transparency to address fairness concerns.

What policies and guidelines should organisations aim to implement in order to promote responsible and ethical use of AI?

Key considerations for AI integration include: legal and regulatory compliance, active leadership involvement in policy development, disclosure practices for AI use, addressing data ownership ambiguities, establishing ethical safeguards, providing employee training and guidelines, and incorporating regular policy update intervals to keep pace with AI evolution.