Joint statement on AI Generated Imagery

By
LiveNews Publisher
-
0
6

Source: Privacy Commissioner

AI systems generating realistic images and videos depicting identifiable individuals without their knowledge and consent has led to the New Zealand Office of the Privacy Commissioner co-signing a joint statement on the issue. The concerns about these technologies include the creation of non-consensual intimate imagery and potential harms to children and other vulnerable groups.

The co-signatories remind all organisations developing and using AI content generation systems that these systems must be developed and used in accordance with applicable legal frameworks, including data protection and privacy rules. The statement also notes that fundamental principles should apply when using AI content generation systems, including implementing robust safeguards, transparency, and addressing specific risks to children.

Joint Statement on AI-Generated Imagery and the Protection of Privacy

The co-signatories below are issuing this Joint Statement in response to serious concerns about artificial intelligence (AI) systems that generate realistic images and videos depicting identifiable individuals without their knowledge and consent.

While AI can bring meaningful benefits for individuals and society, recent developments – particularly AI image and video generation integrated into widely accessible social media platforms – have enabled the creation of non-consensual intimate imagery, defamatory depictions, and other harmful content featuring real individuals. We are especially concerned about potential harms to children and other vulnerable groups, such as cyber-bullying and/or exploitation.

Expectations for Organisations

The co-signatories remind all organisations developing and using AI content generation systems that such systems must be developed and used in accordance with applicable legal frameworks, including data protection and privacy rules.

We also highlight that the creation of non-consensual intimate imagery can constitute a criminal offence in many jurisdictions.

Whilst specific legal requirements vary by jurisdiction, fundamental principles should guide all organisations developing and using AI content generation systems, including:

  • Implement robust safeguards to prevent the misuse of personal information and generation of non-consensual intimate imagery and other harmful materials, particularly where children are depicted.
  • Ensure meaningful transparency about AI system capabilities, safeguards, acceptable uses and the consequences of misuse.
  • Provide effective and accessible mechanisms for individuals to request the removal of harmful content involving personal information and respond rapidly to such requests.
  • Address specific risks to children through implementing enhanced safeguards and providing clear, age-appropriate information to children, parents, guardians and educators.

Coordinated Response

The harms arising from non-consensual generation of intimate, defamatory, or otherwise harmful content depicting real individuals are significant and call for urgent regulatory attention.

To encourage the development of innovative and privacy-protective AI, the co-signatories of this statement are united in expressing their concern about the potential harms from the misuse of AI content generation systems. The co-signatories aim to share information on their approaches to addressing these concerns that can include enforcement, policy and education, as appropriate and to the extent that such sharing is consistent with applicable laws. This reflects our shared commitment and joint effort in addressing a global risk.

Conclusion

We call on organisations to engage proactively with regulators, implement robust safeguards from the outset, and ensure that technological advancement does not come at the expense of privacy, dignity, safety, and other fundamental rights – particularly for the most vulnerable of our global society.

List of signatories 

  • Information and Data Protection Office of the Republic of Albania
  • Andorran Data Protection Agency, Andorra
  • Agency of Access to Public Information – DPA Argentina
  • Ombudsman’s Office of the Autonomous City of Buenos Aires, Argentina 
  • Office of the Information Commissioner, Queensland, Australia
  • Basque Data Protection Authority, Spain
  • Data Protection Authority, Belgium
  • Office of the Privacy Commissioner of Bermuda
  • National Data Protection Agency, Brazil
  • Commission for Personal Data Protection of the Republic of Bulgaria
  • Commission for Information Technology and Freedoms, Burkina Faso
  • Office of the Privacy Commissioner of Canada
  • Office of the Information and Privacy Commissioner of Alberta, Canada
  • Office of the Information and Privacy Commissioner for British Columbia, Canada
  • Office of the Information and Privacy Commissioner for Newfoundland and Labrador, Canada
  • Commission on Access to Information of Quebec, Canada
  • National Commission of Data Protection, Republic of Cabo Verde
  • Catalan Data Protection Authority, Catalonia (Spain)
  • Superintendence of Industry and Commerce of Colombia
  • Croatian Personal Data Protection Agency
  • Commissioner for Personal Data Protection, Cyprus
  • Superintendence of Personal Data Protection of Ecuador
  • European Data Protection Board
  • European Data Protection Supervisor
  • National Commission for Information Technology and Civil Liberties, France
  • Federal Commissioner for Data Protection and Freedom of Information, Germany
  • Data Protection Commission Ghana
  • Gibraltar Regulatory Authority
  • Office of the Data Protection Authority, Bailiwick of Guernsey
  • Office of the Privacy Commissioner for Personal Data, Hong Kong (SAR), China
  • The Icelandic Data Protection Authority
  • Data Protection Commission, Ireland
  • Isle of Man Information Commissioner
  • Israeli Privacy Protection Authority
  • Italian Data Protection Authority
  • Jersey Office of the Information Commissioner, Bailiwick of Jersey
  • Office of the Data Protection Commissioner, Kenya
  • Information and Privacy Agency, Kosovo
  • Office of the Information and Data Protection Commissioner of Malta
  • Mauritius Data Protection Office
  • Institute for Transparency, Access to Public Information and Personal Data Protection of the State of Mexico and Municipalities, Mexico
  • Institute for Transparency, Access to Public Information and Personal Data Protection of Nuevo León, Mexico
  • Personal Data Protection Unit of the Anti-Corruption and Good Government Secretariat, Mexico
  • Personal Data Protection Authority, Monaco
  • Dutch Data Protection Authority, Netherlands
  • Office of the Privacy Commissioner, New Zealand
  • Nigeria Data Protection Commission
  • Norwegian Data Protection Authority
  • The National Authority for Transparency and Access to Information, Panama
  • National Authority for the Protection of Personal Data, Peru
  • National Privacy Commission, Philippines
  • Personal Data Protection Office, Poland
  • Portuguese Data Protection Supervisory Authority, Portugal
  • Personal Data Protection Commission of the Republic of Singapore
  • Information Commissioner of the Republic of Slovenia
  • Personal Information Protection Commission, Republic of Korea
  • Federal Data Protection and Information Commissioner, Switzerland
  • ADGM Office of Data Protection, Emirate of Abu Dhabi (United Arab Emirates)
  • Dubai International Financial Centre Authority, Emirate of Dubai (United Arab Emirates)
  • UK Information Commissioner’s Office, United Kingdom
  • Regulatory and Control Unit for Personal Data, Uruguay

MIL OSI

Previous articleRetail spending stronger than expected at end of last year
Next articlePolice staff leave jobs after investigations into inappropriate content

RELATED ARTICLESMORE FROM AUTHOR