Towards An Automated AI Act FRIA Tool That Can Reuse GDPR's DPIA
Tytti Rintamaki, Harshvardhan J. Pandit
TL;DR
This paper explores how to develop an automated tool to support the AI Act's FRIA process by reusing GDPR's DPIA, focusing on information alignment and process steps.
Contribution
It provides a novel framework for understanding DPIA and FRIA as information processes, enabling automation and reuse in compliance with the AI Act.
Findings
Analyzed the information involved in DPIA and FRIA.
Aligned DPIA and FRIA to identify reuse opportunities.
Outlined a 5-step process for FRIA automation support.
Abstract
The AI Act introduces the obligation to conduct a Fundamental Rights Impact Assessment (FRIA), with the possibility to reuse a Data Protection Impact Assessment (DPIA), and requires the EU Commission to create of an automated tool to support the FRIA process. In this article, we provide our novel exploration of the DPIA and FRIA as information processes to enable the creation of automated tools. We first investigate the information involved in DPIA and FRIA, and then use this to align the two to state where a DPIA can be reused in a FRIA. We then present the FRIA as a 5-step process and discuss the role of an automated tool for each step. Our work provides the necessary foundation for creating and managing information for FRIA and supporting it through an automated tool as required by the AI Act.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsImage Processing and 3D Reconstruction · 3D Modeling in Geospatial Applications · Semantic Web and Ontologies
MethodsALIGN