Objective of the sandbox process

Based on Finterai's use of artificial intelligence (AI), the Norwegian Data Protection Authority and Finterai have jointly identified three problematic areas, where federated learning in this project challenges the data protection regulations and the data subjects’ privacy. These issues may also be relevant for other developers and enterprises wishing to use federated learning:

1. What roles and responsibilities does Finterai assume in the use of the federated learning model?

   What personal data processing activities take place in connection with federated learning, including standardisation as a preparatory step? What responsibility on the part of Finterai does this trigger?

2. How can Finterai facilitate data minimisation relating to the processing of transaction data and third-party data?

   When Finterai sets limits for the data categories all the participants must have access to, what impact does this have on data privacy?

3. Can Finterai safeguard data privacy when sharing machine learning algorithms?

   How can Finterai evaluate any breaches or vulnerabilities in the solution? How can an acceptable risk level be identified?