AI Exposes Employees to Increased Security and Privacy Risks

December 11, 2018

For all of its ostensible benefits and efficiencies, widespread implementation of artificial intelligence (AI) poses significant danger to workers in the U.S. and elsewhere. As employers increase the amount of employee data they collect, so does the risk that the information will be abused, placing employee security and privacy in peril.

Big Data, AI and Security Risks

Widespread use of malicious AI may create entirely new security threats as well as exacerbate existing dangers. Automating scams and hoaxes like “spear phishing” can dramatically increase their potential threat, as these fraudulent attempts to procure sensitive data like login information now quickly reach thousands or millions of employees (increasing the chances that one employee will take the bait and turn over information that allows access). As AI gets better at manipulating data and creating copycat authentication systems, the chances that it can be used to create a virtually perfect online imposter increase exponentially.

Say your company routinely uses an app that notifies you by email when you receive a new message. You receive an email that purportedly notifies you that your boss has sent you a message; when you click on the link, it takes you to a site that appears to be the authentic messaging app, and a follow-up message supposedly from your boss asks you to remind him what the new password to the client database is. If the entire setup is a carefully constructed fraud, you may have just exposed your client data to widescale unauthorized access.

Eroding Privacy Issues

Many companies are now creating AI systems that depend on “biometrics” (unique, biologically-based data like fingerprints, voice prints, or scans of a person’s retina, face, iris, or hand). These significantly improve many security issues, since it is extremely difficult to imitate or replicate this data. But collecting this kind of information from employees raises questions about how an employer plans to use that data and increases the risk that an unauthorized third party could gain access to and misuse the information.

Using AI to automate and integrate employee medical, health, and personnel records with biometric data could open the door to using any of that information for adverse employment purposes, denying an employee access to health care, or engaging in other discriminatory treatment based on previous issues like accidents, workers’ compensation claims, private health issues, and more.

(*Prior results do not guarantee a similar outcome.)