Angela Lo Giudice is a lawyer, DPO, trainer and digital mediator, as well as Co-Founder of Polimeni.Legal. With over twenty years of experience in the field of Internet law, privacy, e-commerce and copyright, she is one of the leading Italian experts on personal data protection. In view of her speech in Florence, we asked her for some previews on current and rapidly evolving topics, such as corporate compliance in the use of artificial intelligence tools, a field that is starting to take shape and that undoubtedly promises to revolutionise the legal and technological landscape.
1. What are the main privacy concerns when travel companies use AI to collect and analyse customer data?
When talking about customer data collection and analysis I can’t help but think of two distinct situations: the first relates to the analysis and optimisation of marketing campaigns and therefore to user profiling while the second is related to the phenomenon of the use of unauthorised AI tools (Shadow AI). In relation to the first point it is important to remember that any form of automated decision-making process, including profiling, must be subject to specific and separate consent. Consent has very particular rules that cannot be disregarded and, among these, the one that I would like to point out in this context is that it must be informed. This means that in the case of profiling, the logics applied must be clearly indicated.
In relation to the second point, the premise is somewhat different. What cannot be excluded must be governed. Companies must make it clear and implement specific policies on the correct use of artificial intelligence. The main risk always depends on an unaware use of the tools that can result in the loss of control over data, especially if it is not known whether the model is trained by uploading personal data.
Certainly, anonymisation or, at least, pseudonymisation of data are useful measures to limit the problem; it is also always a good idea to conduct an impact assessment.
2. How can tourism companies ensure they comply with copyright laws when using AI-generated images or content in their marketing campaigns?
Firstly, let’s start from a premise: not all platforms are the same.
This means that the copyright on the output generated with the use of artificial intelligence can vary depending on the type of platform being used and can also change within the same tool chosen based on the type of version.
It should also be noted that, regardless of this, the platforms do not guarantee that the output thus obtained constitutes an “original” product; it is therefore always advisable to use other tools that allow determining of its originality.
3. How might the European AI Act affect the way travel agencies use AI technologies to interact with customers?
Let us start by saying that companies can combine LLM (Large Language Model) models, such as chat gpt, with internal databases in order to create automated desks such as chatbots that are able to provide information on the services being offered.
In a context such as the one illustrated, as an example, it should be highlighted that the AI Act envisages a classification based on the risk that the system poses to the fundamental rights of individuals and therefore companies that intend to develop or evolve these models will need to adopt suitable security measures, perform a risk analysis and may be subject to specific compliance requirements.
Lawyer Angela Lo Giudice of Polimeni.Legal will be present at BTO in the toolbox moderated by Luca Bove on AI & Compliance. A crucial opportunity for companies to understand how to use AI in a safe and compliant manner, reducing legal risks and maximising growth opportunities.
The interview was conducted by Giulia Eremita, coordinator of the “Digital Strategy” topic.
We look forward to seeing you in Florence on 27 and 28 November 2024.
