Bhopal: At the APAC National Cloud & Cyber Security Summit, Abilash Soundararajan, Founder and CEO of PrivaSapien, discussed the critical importance of privacy engineering and responsible AI in today’s digital landscape.
Soundararajan started his speech with an introduction to PrivaSapien, a privacy engineering and responsible AI company, incubated by the Data Security Council of India (DSCI).
Navigating regulatory frameworks
Against the backdrop of strict data protection measures such as India’s Data Protection Bill (DPDP) and General Data Protection Regulation (GDPR) in Europe, Soundararajan gave his insights on the global significance of regulatory compliance to safeguard citizens’ privacy rights.
Soundararajan talked about the heavy penalties that come with non-compliance and suggested that organisations should prioritise privacy protection in their operations. Additionally, he discussed the challenges posed by emerging technologies, including large language models like ChatGPT, and the need for regulators to adapt quickly while addressing evolving threats.
Distinguishing security from privacy
Describing the difference between security and privacy, he said, “Security is pre-access to data and privacy is post-access to data.” Soundararajan further explained that while security focuses on how to protect data after giving it to somebody, privacy concerns arise post-access. He advised a proactive approach to privacy by adopting privacy by design principles.
Embracing privacy by design
Suggested a shift from traditional privacy checklists to innovative technologies such as differential privacy, federated learning and homomorphic encryption, which offer better protection against data breaches and unauthorised access.
Introducing innovative products created by PrivaSapien, he explained how Privacy X-ray, Event Horizon, Cryptosphere, PrivaGPT and Data Twin, have been designed to empower organisations with comprehensive privacy risk assessment and mitigation capabilities.
Organisational responsibility
To safeguard sensitive data, and to uphold the trust of stakeholders, Soundararajan favoured the idea of organisational responsibility. He urged organisations to conduct comprehensive privacy risk assessments and threat modelling exercises to identify and address potential vulnerabilities. He stressed on the importance of feedback mechanisms to infuse policy formulation and aid the development of effective privacy solutions tailored to diverse regulatory landscapes.
Community engagement for a privacy-preserving future
Concluding his address, Soundararajan invited industry stakeholders to join the Privacy Engineering & Responsible AI (PERAI) community, citing the importance of community engagement and awareness creation. He said, “We keep sharing a lot of interesting information on developments. We are looking forward to join hands with you and build a privacy-preserved and responsible AI future for humanity.”
Government entity’s Privacy Journey
In response to a query from the audience regarding government entities’ privacy journey, Soundararajan suggested a systematic approach to privacy compliance. He said that understanding and assessing privacy risks are the foundational steps for the journey, followed by the design of data flows based on consent, legal purpose, and privacy protection.
Also Read More –
Discussion about this post