How Thomson Reuters and IBM are bringing AI to data privacy professionals

In today’s world, data is the new basis of competitive advantage – and businesses are paying close attention to how they use their data, especially highly-regulated customer information. While the goal is to extract insights and knowledge for better decision making, organizations must also ensure they are abiding by the legal and data privacy requirements. This process can be time-intensive for legal professionals, who must stay on top of ever-changing laws, often across multiple global jurisdictions. And there is a lot at stake, with noncompliance resulting in increasingly higher fines and substantial risk to a business’ reputation.

In the US alone, there are more than 70 government authorities with a legal point of view on data privacy, from states and state agencies, to congress and federal agencies, including the US Attorney General, Department of Justice and the Securities and Exchange Commission. On a global scale, complying with these regulations is becoming more complex, especially with the General Data Protection Regulation (GDPR) coming into effect in the EU later this year. A recent study found that 44% of data privacy professionals claim to already be failing to comply with data privacy regulations.

By applying AI to the data privacy domain, we’re offering legal professionals a deeper understanding of the law and what their data privacy obligations are across multiple global jurisdictions. For example, if a global organization is collecting sales data on customers in four countries, its data privacy team needs to understand specific requirements – like how to store that data, and how long it can be retained – across every national and local jurisdiction where they do business. The team would need to compare competing jurisdictions and find the right information to include to develop a compliant policy.

With the Ask Watson a Question feature in Data Privacy Advisor, a professional can pose natural language questions like “Does Australian law require regulator notification of a data breach?” or “What is the best practice for retaining employee data records?” rather than searching in legal or technical terms. Since the question-answering feature was jointly trained by IBM Watson and Thomson Reuters research scientists and industry professionals including researchers, lawyers and data privacy professionals, it can go beyond simply responding to queries, providing valuable recommendations and insights.

Watson technology is uniquely suited for understanding complex unstructured information such as regulatory requirements. The feature works by delivering a specific answer to questions, supported by relevant documents like statutes, government agency materials, and secondary sources like Corporate Counsel’s Guide to Privacy– rather than simply serving up documents related to keyword search terms. It can also return results that may be related to the search that the professional had not yet considered – such as how a pending law might impact legal obligations.

As the data privacy space evolves, organizations will continue to apply a critical eye to their data practices, ensuring that they are protecting customer privacy and adhering to government regulations. Understanding the complex web of new data privacy regulations – like GDPR – will be a critical component of the data privacy professional’s role. Tools like Data Privacy Advisor can help them achieve this mission, acting as a trusted advisor and empowering professionals to be more efficient while making informed decisions.

General Manager, IBM Watson Data & AI

Khalid Al-Kohafi

Vice President, Research and Development, Thomson Reuters