Trust & Security

Last updated: April 14, 2021

Francis AI - AI Ethics Board Policy

At Francis AI, we believe artificial Intelligence (AI) technologies hold great promise for enhancing the effectiveness of public safety. But we believe we have the obligation to develop AI in a responsible way. One that promotes transparency, with built in mechanisms for accountability. And that’s why we assembled an Francis AI Ethics Board.

The mission of this independent board is to provide expert guidance to Francis AI on the development of its AI products and services, paying particular attention to its impact on communities.

Overview

We commit to being transparent and responsible in how we use AI and in how we design technologies. To guide us, we have formed the Francis AI Ethics Board. This external advisory body is made up of experts from varying fields including AI, computer science, privacy, law enforcement, civil liberties, and public policy. 

The charter of the board is to provide us with guidance about the responsible development of smart city technologies and of AI features in our products and services, which includes considering when to use and not use AI. The role of the board is to give us candid advice. We recognize that by providing us with advice, board members are not endorsing our products or services.

The set of operating principles presented below outlines how our team will work with the board, highlighting our commitment to transparency and our commitment to providing the necessary information to the board so they can provide us with constructive input. Note that these principles are not intended to be exhaustive of all of our responsibilities and principles related to AI but pertain specifically to the role of the board.  These principles demonstrate our commitment to designing technologies in a responsible and ethical fashion. We recognize that as we learn and grow and technologies change, these operating principles may evolve over time, and in such cases, we will revise the text of the principles publicly and provide an explanation for such changes.

Operating Principles

  • When considering a new AI application or smart city technology for which there may be substantial ethical risks, we will ensure that the board has an opportunity to discuss its pros and cons, and how it can be done most ethically. We will discuss new products with the board before launching a product that raises ethical concerns so that that they can provide us with guidance on new product development.

  • We will keep the board informed as to which tools we implement to allow oversight and transparency regarding how key AI and related technologies are being utilized, and how these tools are operating. We will build tools and systems to enable oversight around how these technologies are used in the field.

  • We will provide meaningful information to the board about the logic involved inconstructing our algorithms. We will clearly describe our thinking behind our models, what they are intended to do, ways in which they might be misused, and our efforts to prevent such misuse. 

  • We will provide a description to the board of the data on which a model was or is continuously trained. We will demonstrate that we have considered the potential biases in the data on which an algorithm was or is continuously trained and the assumptions used in the model. We will explain the steps taken to mitigate any negative consequences associated with bias or inaccuracy in our trained models. 

  • We will provide a list of all the inputs used by an algorithm at inference time to the board. For each AI algorithm running on our devices or services, we will provide a list of its input parameters along with a description for each parameter.

  • We will provide the board with the measures we have taken to ensure high levels of data security and privacy. Our public safety customers and their communities need to be confident that their data is appropriately protected to meet security and privacy requirements. We will discuss these measures with the board.

Abiding by the Operating Principles

To hold ourselves responsible to these operating principles, the following avenue is available to anyone inside or outside of the company to raise and address their concerns.

  • Contact the AI Ethics Board Lead. The board lead is outside of the AI Team’s chain-of-command. S/he will attempt to address concerns with Francis AI’s leadership. The current lead is Olaf Groth: ethics@Francis.ai

General Data Protection Regulation Policy

At Francis AI, we are aware of our obligations as an enabler of AI technologies under the GDPR - General Data Protection Regulation which came into effect on May 25th, 2018 in the European Union. We remain committed to helping support our clients around the world with GDPR compliance.

What is GDPR?

GDPR lays down rules relating to the protection of natural persons with regard to the processing of PII and rules relating to the free movement of PII. GDPR is planned to make persons and their rights central.

What is PII?

PII is any information relating to an identified or identifiable natural person.

PII types:

  • Biographical information including date of birth, social security numbers, phone numbers, email addresses and license plate

  • Looks, appearance and behavior, including eye color, weight and character traits

  • Workplace data and information about education, including salary, tax information an student numbers

  • Private and subjective data, including religion, political opinions and geo-tracking data

  • Health, sickness and genetics, including medical history, genetic data and information about sick leave

Pseudonymization & Anonymization

“Anonymization" of data means processing it with the aim of irreversibly preventing the identification of the individual to whom it relates.

“Pseudonymization” of data means replacing any identifying characteristics of data with a pseudonym, or, in other words, a value which does not allow the data subject to be directly identified.

The legal distinction between anonymized and pseudonymized data is its categorization as PII. Pseudonymous data still allows for some form of re-identification, while anonymous data cannot be re-identified. Both pseudonymization and anonymization are encouraged in the GDPR and enable its constraints to be met.

Francis AI Product Process Releated with PII

  • License Plate Recognition

GDPR Principles

  1. Personally Identifiable Information (PII) description - Any information about a natural person that can distinguish or trace an individual’s identity.

  2. Lawfulness, fairness and transparency - PII shall be processed lawfully, fairly and in a transparent manner in relation to the data subject.

  3. Data Minimization - Minimization of data acquisition: Data collection level must be equal to requirements of products or systems.

  4. Purpose limitation - PII can be collected for a specific purpose that the related natural person knows totally.

  5. Accuracy – PII shall be accurate and kept up to date where necessary. PII are erased or rectified without delay when they are inaccurate in regard to purpose that they are processed.

  6. Storage limitation - PII shall only be retained for as long as it is required by local law.

  7. PII is kept in a form which permits identification of data subjects for no longer than is necessary for the purposes.

  8. Data Masking - Pseudonymization or anonymization is an obligation to keep data for purposes other than violation of traffic violations

  9. Integrity and confidentiality - PII shall be processed in a manner that ensures appropriate security of the PII.

  10. Accountability - The controller shall be responsible for and be able to demonstrate compliance.

Francis AI’s Promise

  1. All information about any natural person obtained from Francis AI’s systems such as face photo and license plate details are considered PII.

  2. Francis AI products collect data such as license plates in order to detect traffic violations.

  3. The PII collected will only be those specifically required to process traffic citations.

  4. Different authorization levels for users can be set and access without permission will not be granted.

  5. Francis AI gathers PII and keeps them only as long as needed for processing the traffic citation as stipulated by local law.

  6. Francis AI may preserve anonymized data.

Francis AI’s products are designed in a manner that neither Francis AI nor any unauthorized third party can access the records and data obtained by this product. The responsibility for the usage of the Francis AI product in accordance with the terms of the PII protection laws and relevant legislation as well as storage, handling, usage, process of the records and data obtained by the Product, in accordance with the terms of the PII protection laws and relevant legislation of the user of the product. The user of the Francis AI product is also responsible for notifying the owners or relevant parties of the PII and, for obtaining required permission from them.