AI's privacy law conundrum
Reports that radiology giant I-MED collected X-ray and CT scan data without patient consent have sparked debate over privacy laws and the use of de-identified information.
The controversy over medical imagery data collected by radiology giant I-MED and transferred in 2019 to startup Harrison.ai has heightened concerns about the use of personal data to train artificial intelligence models, just as Australia reviews its privacy laws.
Crikey last week reported that the data was collected without patient consent, raising concerns over whether it was provided to Harrison.ai in a form that could theoretically enable individuals involved to be identified.
“There is a lot of uncertainty about Australia's definition of personal information and the scope of what it covers. This uncertainty flows into the scope of de-identified personal information,” privacy law specialist Mark Byrne of consultancy elevenM told Capital Brief.
Harrison.ai co-founder Aengus Tran has emphatically rejected suggestions that the data used to train the startup's AI models was illegally or unethically collected. However, the incident still highlights how unclear the rules surrounding the use of collected data for AI training can be — an issue which has implications far beyond any individual startup.
