What I’m Watching in 2024: A view from IBM’s Chief Privacy & Trust Officer

Today marks the start of International Privacy Week. As we look ahead to what this year will bring, there are a few important trends I’m watching for 2024 and some exciting news for the IBM Chief Privacy Office.

In 2024, I believe we’ll see:

1 - A Move from Cautious Exploration to a Rapid Adoption of AI, Particularly Generative AI

At the 2024 World Economic Forum in Davos last week, IBM Chairman Arvind Krishna predicted a $4 trillion annual productivity surge before the end of the decade due to the transformative nature of artificial intelligence (AI). Companies and governments can move beyond the examination and testing phase to now take advantage of the increasing maturity of available AI solutions. Success will build on success and AI adoption will increase as organizations discover more use cases that benefit from the deployment of AI. 

2 - Enhanced Focus on Privacy & Data Governance

As organizations roll out AI solutions, we’ll see a significant shift among companies towards enhanced privacy standards and stricter data governance. With increasing global awareness and concern over data misuse, particularly with the explosion of generative AI in the last year, businesses will be expected to adopt more secure data handling practices. In addition, new tools will make it easier for organizations to begin implementing robust data encryption, ensuring data anonymization where necessary, and ensuring strict data governance standards to increase transparency and responsibility.

3 - Evolving AI Regulations: National and State-Level Considerations

The landscape of AI regulation will evolve not only at the international level but also within individual countries, states, and cities. In the U.S., the Biden Administration has issued an Executive Order (EO) on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (AI) and the U.S. Congress is charting its next steps on AI regulation. Individual states are also showing their willingness to establish their own AI rules of the road. This means individual states and cities may advance their own regulations, creating a complex patchwork that will need to be carefully navigated.

Meanwhile, the European Commission is moving forward with its regulation of AI, and we expect to see the final text of the EU AI Act as early as this week. And efforts continue around the globe, from Canada to Australia to South America and beyond. For example, in Southeast Asia, Singapore recently released a new Model AI Governance Framework for Generative AI, building on their years-long efforts at promoting governance for AI, and Japan announced its AI Code of Conduct last year and continues to work on risk-based regulations that protect innovation while mitigating risks. The region is also working towards an ASEAN-specific AI governance framework, building on the foundations already laid by Singapore and Japan. 

This plethora of forthcoming regulations will require organizations to invest in robust legal and ethical advisory efforts to ensure compliance across different jurisdictions. Regulations don’t need to be identical, but interoperability is key. Take for example the U.S. Department of Commerce’s work with the Singaporean government to complete an AI “crosswalk” -- this showcases alignment between the two governments on AI frameworks.

4 - Efforts to Address Barriers to AI Adoption

In 2024, barriers will still exist when it comes to AI adoption, and organizations will need to begin scaling up employee training and re-skilling programs if they’re going to meet the moment. IBM recently conducted a study that showed only 42% of large companies have actively deployed AI, while 40% are exploring or experimenting with it. This study revealed that the biggest barriers to AI adoption revolve around workforce skills gaps, data complexity, and ethical dilemmas surrounding AI technology. Companies and employees that learn to use AI to their advantage, while implementing complimentary governance and compliance frameworks, will be more competitive in the marketplace.

5 - Legal Concerns will Initially Cause Resistance, but will be Overcome through Careful Testing and Governance of LLMs

The concerns raised around issues like copyright, data usage and ownership that have surfaced over the past year will cause organizations to turn to reliable sources for the Large Language Models (LLMs) that they use in their AI-enabled business processes. Some will create their own models, and others will turn to model providers that offer indemnity and/or are transparent about where their data was sourced from. Doing so will help them avoid unnecessary risk. 

What Do These Trends Mean?

The trends above lay out some clear challenges for 2024, but they also reflect opportunities – ones that IBM has been meeting, and will continue to meet, head-on: 

-       IBM’s watsonx helps businesses deploy and embed AI across their organizations, manage data sources responsibly, and ultimately prepare for forthcoming regulations by helping to manage regulatory requirements and mitigate risk across jurisdictions. IBM’s long-standing ethics principles and governance frameworks have informed our AI solutions, including watsonx.governance.

-       IBM advocates for AI regulatory policies that balance mitigating risk with allowing innovation to flourish. We’ve worked with governments around the world to push for risk-based regulations that put consumers and businesses first by considering the context in which AI is used; that hold creators and deployers of AI accountable rather than creating blanket immunity from liability; and prioritize open innovation rather than onerous licensing regimes that increase costs, hinder innovation, and disadvantage smaller players in the marketplace.

-       IBM works with many organizations to support responsible AI. For example, IBM and Meta led the creation of the AI Alliance, a broad range of global organizations fostering an open community to enable developers and researchers to accelerate responsible AI innovation.

 The “Office of Privacy and Responsible Technology”

Given the trends we are forecasting and tackling in 2024, and particularly as we head into Privacy Week, I’m proud to announce that IBM is renaming our Chief Privacy Office to the Office of Privacy and Responsible Technology.

This change will help us better meet the moment we’re in when it comes to AI and emerging technology. We’re making this change for a few reasons:

First, we're in an exciting era of tech advancements and innovations that are transforming the way we live and work. The CPO has broadened our scope over the years as emerging technologies have surfaced, and we’re continuing to drive responsible innovation through these technologies for our clients. This reflects IBM’s work in generative AI, but also our continued priority to remain at the leading edge of responsible technology now and in the future.

Second, the name change demonstrates the evolution of our AI Ethics Board work from principles to practices to a governance program that tackles the challenges our clients are facing today, particularly as IBM and our clients prepare for AI regulatory requirements. Through our products and governance frameworks, like watsonx, we are supporting clients by harnessing technology responsibly.

And finally, this name change reflects IBM’s continual leadership in this space. IBM was one of the first major organizations to create a Chief Privacy Office over 20 years ago, and one of the first to create an AI Ethics Board. We’ve always believed that addressing the repercussions of innovations is just as important as the innovations themselves. IBM has been a trusted business partner for over a century by maintaining responsibility and accountability in our technologies. We build that trust into everything we do – it’s central to our company mission.

As you’ll see, we have some exciting work ahead, and 2024 promises to be another big one for privacy teams everywhere. We’re ready to meet this moment.

Want to hear more about privacy? Join Caroline Louveaux, Travis LeBlanc, J. Trevor Hughes, and me for the IAPP - International Association of Privacy Professionals Data Privacy Day LinkedIn Live Event.