T32. Data ontologies, inferences, and proxies
Navigation: AIGA AI Governance Lifecycle > C. Data operations > T32. Data ontologies, inferences, and proxies (this page)
Task description
Data resources contain various categories of data. The categories reflect explicit or implicit data ontologies. Data ontologies consist of entity taxonomies (what entities are assumed to exist) and models of entity relationalities and causality (how the entities relate to each other).
Data ontologies may have significant implications on how algorithms and AI systems function, what risks they create and to whom, and what entities and how the AI system affects them. In advanced machine learning approaches, data ontologies are complex as the source data ontologies combine with the non-representational sensemaking inherent to the approaches. Understanding the ontologies may only be possible by analyzing algorithm outputs.
The AI System Owner should ensure that the organization
1) adequately understands the AI system data ontology,
2) has explored the risks related to possible inconclusive evidence, system, and discrimination risk, and
3) develops and implements measures to minimize and mitigate possible data-related risks.
The Algorithm Owner should ensure that the organization
1) adequately understands the algorithm data ontology,
2) adequately understands what inferences are drawn on the data and what proxies are created when the organization uses a machine learning approach to develop an algorithm,
3) has explored the risks related to possible inconclusive evidence, system bias, and discrimination risks the data ontology may create, and
4) develops and implements measures to minimize and mitigate possible data ontology-related risks.
In particular, if the AI system makes decisions that affect natural persons, the AI system owner should ensure that the organization conducts a comprehensive assessment of the AI system’s discrimination, misidentification, and cultural sensitivity risks.
The AI System Owner and Algorithm owner should ensure that the residual risks are acceptable and align with the organization’s values and risk tolerance.