“In recent years, when technology companies promote a new generation of information technology products, issues such as data security and data privacy have been widely criticized. Data is an important foundation for driving the rapid development of artificial intelligence, and its safety also determines the safety of artificial intelligence. The accelerated development of artificial intelligence has brought new opportunities and challenges to data security governance.
In recent years, when technology companies promote a new generation of information technology products, issues such as data security and data privacy have been widely criticized. Data is an important foundation for driving the rapid development of artificial intelligence, and its safety also determines the safety of artificial intelligence. The accelerated development of artificial intelligence has brought new opportunities and challenges to data security governance.
Verification code login, mobile online payment, face recognition access control…
With the development of a new generation of information technology, the Internet and artificial intelligence technology applications are booming, and data is also regarded as an intangible asset. However, technology is a double-edged sword. While bringing efficiency improvements to our production and life, the accompanying safety issues cannot be ignored.
When technology companies promote a new generation of information technology products, issues such as data security and data privacy have been widely criticized. Data security has become a key and urgent issue in today’s digital transformation era.
At the 2021 World Artificial Intelligence Conference held from July 8th to 10th, issues such as data security, data governance, and network security have attracted much attention. The industry believes that in the process of deepening the digital transformation of cities with artificial intelligence, companies should actively accept supervision and promote the healthy and sustainable development of the industry.
Data security governance faces new opportunities and challenges
Recently, due to serious violations of laws and regulations in collecting and using personal information, 25 apps such as Orange Recorder were notified by the State Internet Information Office to be removed from the app store in accordance with the relevant provisions of the “Network Security Law of the People’s Republic of China”.
Earlier, in the Shanghai Auto Show Tesla owner rights event, Tesla announced the driving data of the rights defense owner’s vehicle half an hour before the incident. This behavior has caused many controversies: Should car companies make driving data public? How do people determine the reliability of data?
Without the collection and foundation of big data, artificial intelligence is without roots. Data is an important foundation for driving the rapid development of artificial intelligence, and its safety also determines the safety of artificial intelligence. The accelerated development of artificial intelligence has brought new opportunities and challenges to data security governance.
“Big data drives the development of business, making data security more important to the operation of cities than ever. Once data is attacked, it means that the business will stop, which will cause serious economic losses and social consequences.” Founder of 360 Company, Chairman and CEO Zhou Hongt said that in recent years, 360 Company has received a large number of reports from hospitals, saying that after the hospital website was attacked by ransomware, surgery could not be performed and patients could not be registered for medical treatment.
In recent years, cities have also become important targets for cyber blackmail, and the targets of cyber attacks are not limited to computers, mobile phones, devices, and systems, but gradually extend to data. The acquisition, processing, and application of artificial intelligence data have strong privacy and field scalability, which is related to personal information security and even national information security. Data extortion from the government and urban public utilities will cause the city’s operations and services to be shut down. In May of this year, the largest fuel pipeline in the United States was forced to shut down due to a cyber attack, which affected 45% of the supply of gasoline and diesel fuel on the east coast of the United States.
The industry believes that, in response to the above situation, it is necessary to allow artificial intelligence technology to hang a sword of Damocles above the head.
Corresponding risks exist in the process of data input and analysis
Illegal cross-border circulation of data may endanger national sovereignty and national security; excessive collection and illegal use of digital information may infringe the rights and privacy of citizens; algorithm preferences may aggravate social prejudice or discrimination, threatening fairness and justice; driverless cars are urgent Intelligent decisions such as risk aversion may threaten the lives of certain groups of people…
Chen Zhimin, deputy director of the Social and Legal Committee of the National Committee of the Chinese People’s Political Consultative Conference, pointed out at the high-end security dialogue of the Artificial Intelligence Conference that the development of artificial intelligence and the risks of security development coexist at the same time. This is not only a technical issue, but also a security issue, but also involves ethics, law and international Rules and other related issues.
He Xiaolong, deputy director of the National Industrial Information Security Development Research Center, said at the Artificial Intelligence Conference that the data security issues brought about by artificial intelligence have accelerated traditional data security issues on the one hand.
The large-scale use of artificial intelligence has further exacerbated the security problem of excessive data collection. On the other hand, it also brings new data security issues. Artificial intelligence algorithms have a strong dependence on data, which may bring new data security challenges such as data poisoning.
Algorithms, models, and data constitute the three cornerstones of machine learning. Zhu Jifeng, chief AI security expert of Tencent’s Suzaku Lab, said at the artificial intelligence conference theme forum that from the perspective of the upstream and downstream industrial chain in the algorithm construction process, data input, data analysis, model training, model decision-making, and model launch There are corresponding risks in the process of deploying applications and transforming models.
For example, in the data input link, if the attacker controls the source of the data, or the attacker can launch a security attack on the data-collecting device itself, the algorithm model will eventually be affected through this chain. If the gyroscope is affected by ultrasonic waves, the drone can eventually fall. Or in the model decision-making stage, physical attacks can be used to cause problems with the final visual recognition system of the self-driving vehicle, which may affect the automatic driving of the vehicle or the judgment of pedestrians.
With the application of artificial intelligence, the abuse of technology brings the risk of losing control. The verification code verification mechanism bears the brunt. Zhu Jifeng introduced that as early as 2017, underground black production had begun to use machine learning methods for QR code recognition training. The data shows that more than 80% of the verification accuracy can be automatically completed online registration through machine learning algorithms, which creates a series of security problems.
Three major systems build a data security firewall
Face recognition technology relies on the analysis of massive view data, so data security directly affects the actual application of face recognition technology. The application of artificial intelligence technology in the field of security is the training ground where the technology seeks the fastest and the earliest application.
Huang Xiaoqing, the founder, chairman and CEO of Dada, said that there are many ways to solve data network security issues from data collection to data processing to data transmission. From the perspective of network and data, three important tasks must be completed-physical isolation, network isolation, and end-to-end application protection.
In addition to technology, my country has also made explorations in data legislation using legal weapons.
In June this year, my country promulgated the “Data Security Law”, which will be officially implemented on September 1. The “Data Security Law” proposes to build a data security supervision system with data classification as the core, requires strengthening the implementation of the obligations and responsibilities of data security protection of data processing activities at all levels, and provides a legal basis for regulating data processing activities and ensuring data security. In addition, the “Personal Information Protection Law (Draft)” is also about to enter the third trial stage. The two bills complement each other and promote my country’s personal information protection and data security governance into a new stage.
At the Forum of “Great Love Without Borders and Symbiosis” at the Artificial Intelligence Conference, Xue Lan, Dean of Schwarzman College of Tsinghua University, reviewed that the artificial intelligence governance model has gone through three stages: responsive governance, centralized governance, and agile governance. “Now we have entered a relatively concentrated governance model. This model clarifies the country’s determination to strengthen industry supervision and promote the implementation of the system, and take more resolute measures to implement regulatory rules on various issues that have been exposed, and at the same time touch on the need for further research. Question.” Xue Lan said.
Currently, Shanghai is studying the establishment of a local standard for the application of facial recognition classification and classification in public places, which will become the first local standard for facial recognition in the country; conduct research on the city’s artificial intelligence data legislation, standardize data rights, data sharing, etc. Important content to promote the research of credible artificial intelligence. The Shanghai Municipal People’s Congress is also drafting the “Shanghai Data Regulations.”
In addition, the Shanghai Digital Certificate Certification Center, the School of Computer Science and Technology, Fudan University, the School of Electronic Information and Electrical Engineering, Shanghai Jiaotong University, the National Engineering Laboratory for Mobile Internet System and Application Security, and the Shanghai Cyber Security Industry Innovation Institute jointly initiated the establishment of digital identity and Data Circulation Trust Technology Laboratory. The laboratory will conduct research and industrial applications of digital trust technology such as privacy computing, blockchain, and cutting-edge cryptography based on the ecological cooperation of production, education and research based on digital trust technology, and support the digital transformation of cities, the construction of data element markets and the Network security system construction.
The reporter was informed that Shanghai Pudong New Area will conduct legislative explorations in data resource sharing, data transactions, and data development and utilization; Lingang New Area will pilot the security assessment and service supervision of cross-border circulation of corporate legal person data, and strengthen the overall personal data. Life cycle safety monitoring and protection.