AI can improve productivity, support better services and unlock social benefit at scale. However, if it is deployed without good governance, it can automate discrimination, intensify inequality, undermine privacy and damage public trust.
In Episode 7 of the Guardians of Data podcast, AI expert Tahir Latif argued that ethical and responsible AI cannot remain a collection of impressive slogans. Principles such as fairness, transparency, accountability and safety only matter if organisations can translate them into practical governance, day-to-day
decision-making and evidence of responsible deployment. This is an urgent challenge because AI is being adopted faster than many organisations are maturing.
Defining the Use Case
Tahir says that businesses and public bodies often see AI as a strategy in itself:
an answer to cost reduction, efficiency, competitive advantage or service improvement. But AI is not a strategy. It is a tool. The question is not simply “Can we deploy this?” but “Why are we deploying it, who may be affected, what could go wrong, and how will we know whether it is working fairly?”
A responsible AI programme starts with a clearly defined use case. Organisations should resist the temptation to apply “AI everywhere for everything”. A use case should explain the problem being solved, the people affected, the intended benefits, the lawful basis for processing data, the decision points where AI will be used and the limits of the system. This matters because the ethical risk of AI depends heavily on context. A tool that recommends music is very different from one that influences access to housing, healthcare, benefits, policing or credit.
Strong Information Governance
The next foundation a responsible AI programme is data quality. AI systems inherit the strengths and weaknesses of the data on which they are trained, tested and deployed. If data is biased, incomplete, unlawfully sourced, poorly classified or disconnected from its original purpose, the organisation is not innovating on solid ground; it is scaling risk. Ethical AI therefore requires strong information governance: clear data provenance, lawful and fair processing, purpose limitation, data minimisation, retention controls, accuracy checks and ongoing monitoring for bias or drift.
Governance should begin at the ideation stage, not after a model has been purchased, built or released. Organisations need an AI governance framework that identifies ownership, risk appetite, approval routes, documentation standards, testing requirements, escalation processes and independent review. The UK’s regulatory approach highlights five relevant principles: safety, security and robustness; appropriate transparency and explainability; fairness; accountability and governance; and contestability and redress. The OECD AI Principles similarly emphasise human-centred, trustworthy AI that respects human rights and democratic values.
The Human in the Loop
Governance cannot be a paper exercise. Tahir warns against organisations claiming to have “human in the loop” oversight when the human does not understand what they are reviewing or lacks authority to stop a problematic deployment. Responsible oversight requires trained and empowered people. They must understand the limits of AI outputs, be able to challenge results, know when to escalate concerns and have permission to say no where risks are disproportionate.
This is particularly important because AI systems can be fluent, persuasive and wrong. A confident output is not the same as a reliable one. AI often produces plausible answers rather than verifiable truth. That creates a risk of misplaced reliance, especially where users assume that machine-generated outputs must be objective or authoritative. Organisations should therefore build in validation, sampling, audit trails, performance monitoring and clear thresholds for human review.
Transparency and Explainability
Tahir says that central to trustworthy AI is transparency and explainability. But these terms must be understood realistically. Transparency means being open about when and how AI is used, what data it relies on, what role it plays in decisions and what rights affected individuals have. Explainability is about providing a meaningful account of how a system reaches or supports an outcome. In low-risk settings, a simple explanation may be enough. In high-impact contexts, such as credit, employment, welfare or healthcare, people need understandable reasons, routes to challenge and access to human review.
Tahir’s mortgage example makes the point. If an applicant with a strong credit history, stable income and low debt is refused by an AI-assisted system, “computer says no” is not acceptable. The organisation must be able to explain the relevant factors, identify whether the decision was fair and provide a meaningful mechanism for contesting it. The more opaque the model, the stronger the justification must be for using it, especially where simpler and more interpretable methods would achieve the purpose.
Privacy and data protection also sit at the heart of responsible AI. The healthcare example discussed in the podcast shows both the opportunity and the caution required. AI can assist radiographers by reviewing large volumes of labelled X-ray images quickly and accurately, helping clinicians identify patterns that may be difficult for the human eye to detect. But the same sector also illustrates why governance matters: patients must be able to trust that sensitive data is used lawfully, securely and proportionately, and that AI supports rather than replaces accountable clinical judgment.
Lifecycle Management
Tahir emphasise that AI risk does not end at product launch. Models can degrade, data can change, users can misuse outputs and social impacts may emerge over time. Organisations should monitor performance, fairness, security, complaints, incidents, and unintended consequences. They should also be prepared to suspend, retrain, restrict or retire systems that no longer meet legal, ethical or operational standards.
Respecting Rights
Copyright and training data add another ethical dimension. AI systems depend on data, but innovation cannot simply override the rights of creators, authors, artists and performers. Organisations should ask whether training data has been lawfully obtained, whether rights holders have been respected, whether outputs may reproduce protected material and whether transparency is owed to users or creators. Ethical AI is not only about avoiding biased outputs; it is also about respecting the labour and rights embedded in the data ecosystem.
IG Officer Skills
For information governance professionals, the message is clear: AI governance is not a side issue. It is becoming a core professional responsibility. The most valuable skills will include judgment, translation, evidence and humility.
Judgment means asking whether a system is proportionate, fair, defensible and wise. Translation means communicating risk across technical, legal, governance and executive audiences. Evidence means documenting decisions, testing, approvals, safeguards and monitoring. Humility means recognising that AI is developing quickly and that continuous learning is essential.
Tahir says that ultimately, building responsible, trustworthy and ethical AI systems is not about choosing between innovation and regulation. It is about designing the conditions for AI to serve people well. That means clear use cases, good data, meaningful accountability, trained humans, transparent explanations, privacy by design, challenge mechanisms and ongoing assurance. AI may be powered by technology, but trust is built by people, governance and the choices organisations make before, during and after deployment.
Listen to the full Episode 7 with Tahir Latif.
AI and Cyber Security
In recent weeks, governments, regulators and cyber security professionals have been gripped by the emergence of Mythos, the powerful AI model developed by Anthropic. Touted as capable of identifying software vulnerabilities at a level that rivals some of the world’s most skilled human researchers, the model has generated excitement, concern and intense debate.
Against this backdrop, our guest in Episode 11 of the podcast is an internationally renowned cybersecurity leader, educator and technology strategist, Caroline Wong.
In this conversation, Caroline explains how cybercriminals are using AI to launch sophisticate cyber-attacks. We also discuss how organisations can use the same technology to strengthen their cyber defences. But this conversation goes beyond the technical. We discuss why trust is becoming the central battleground in cybersecurity, how deepfakes and AI-generated content are reshaping the way we verify information, and why human judgment remains critical despite rapid advances in automation. We also take a closer look at Mythos itself and what it means for the future of cybersecurity.
Listen to Episode 11 with Caroline Wong
