Our last conference of the season was Risk at Excel London. This conference brings together a Risk Management community. It leans more toward the Internal Audit and Legal professions than the other conferences that we have attended this month. However, there is a strong technology thread in the agenda, both in where the risks reside and in the mitigation tools. There is a whole category of software, Reg Tech, that I was not previously aware of. There was more AI in the positioning than we had at DTx or cyberExpo. The examples that I saw were actually very good. People seemed to differentiate well between a novel use of large language models and the analytics that we have always been using.
One thing that struck me as unexpected was that the vendors did not seem to make a great deal of their ability to interrogate the ERP back end. When I first entered this market, that was a very important characteristic. I saw one vendor mention the ability to interrogate Salesforce.
The procurement process, though, was very well represented, as was supplier onboarding. It seemed to cross over between ESG themes (ethical purchasing, sustainability) and information security (information supply chain).
The following are some of the sessions we attended.
Policy compliance platform. Looking through your policies against laws and regs where you trade and initiate a workflow for remediation.
A talk given by Gal Ringel, CEO and co-founder, Mine. Part of the talk was about rogue IT and minimizing the data landscape by pruning accounts where you only have one user. The methodology seemed to be to scan email metadata to find cloud-based systems to which somebody had signed up, which I am not sure I fully understood.
They then talked about data classification: scan the data, scan the metadata, and deep link to the file or data source. They noted finding sensitive data in very unexpected places, like meeting notes containing credit card numbers.
They mentioned the need under GDPR to create a record of processing activity (ROPA) and to map automatically which applications process which data through their Data Privacy Copilot. It got me wondering if Enterprise Resource Planning vendors create a ROPA for their customers.
Given by Thibaud Saint-Romain, Solutions Engineer, Diligent
Helps companies run their risk meetings. Mentions EU AI at the top of the schedule, closely followed by UK Corporate Governance Reform. A digitised risk register with risk controls, policies and procedures relationships aligned with ISO 31000. It showed some capability to align with COBIT. The processes looked very policy-document centred.
Given by Barry Scannell, Partner (AI Law), William Fry LLP and Nish Imthiyaz, Global Legal Counsel – Privacy, AI, and Digital Regulations, Vodafone
The first thing to note was that the talk was standing room only. Great presenters. They noted that the use of AI in product terminology diminishes trust in that product.
There were some aspects of the rules that were new to me. For example, rules on AI literacy. The UK will have to comply. The presenters made a great deal of the fact that if the data is consumed within the EU or uses EU data, you need to comply with the regulations and the surrounding regulations. For example, a model provider must comply with EU copyright law.
We made the point in the Q&A that the definitions within the EU AI rules are very broad and may include things that folks do not think of as being an AI. We also noted that there are things in the prohibited practices that may surprise folks; for example, detecting somebody's emotional state is prohibited, and yet sentiment analysis is a standard feature within marketing software.
Moderated by Paul Munson, Compliance Lead EU & UK (MLRO/CCO), Legal and Compliance, Rippling
The session was conducted as a Q&A session, starting off with how AI is being used. Some pieces seemed to conflate analytics and artificial intelligence: links in fragmented datasets, hidden correlations, anomaly detection and textual analysis. However, there was one example from an insurance company that I thought was very interesting. They paid a claim based on the text in the description and then found the exact same text in many subsequent claims.
They talked about doing a network analysis of connected identities that reminds me of how photographs get connected with string at a detective's desk.
When the conversation drifted towards large language models, they made the point about prompt engineering being the new reading and writing. The more exposure I get to these systems, the more I agree that the most crucial skill is learning to frame questions well.