Privacy by Design

GDPR

General Data Protection Regulation — EU legislation governing the collection and processing of personal data of EU residents.

CCPA

California Consumer Privacy Act — a US state law enhancing privacy rights and consumer protection for California residents.

Data Protection Impact Assessment

A process required under GDPR for assessing the risks of personal data processing activities and identifying measures to mitigate those risks before implementation.

The concept that data is subject to the laws and governance structures of the country where it is collected or processed.

A systematic evaluation of the potential effects and risks of an AI system before and during its deployment.

The application of ethical principles and moral standards to business activities, decisions, and relationships.

The developing body of laws and policies governing the development, deployment, and use of artificial intelligence systems.

Evaluating the potential risks of engaging with a vendor including security, financial, and operational concerns.

A structured approach to identifying, assessing, and mitigating risks associated with AI systems, as defined by standards such as NIST AI RMF and ISO/IEC 42001.

Laws, regulations, and procedures designed to prevent criminals from disguising illegally obtained funds as legitimate income.

A systematic evaluation of the potential social, economic, and civil rights impacts of an automated decision-making system before and after deployment.