then Michael, I'd love to have you weigh in. Simon, you talk about every company having someone
like this in their hierarchy who's sort of overseeing all of this. One of the audience members is
asking, "On the issue of training against bias, who will be the keeper of the rules?" So, how do you
sort of manage that within a company, how are CEOs thinking about that, Simon?
41:01
Simon Freakley
Well, inevitably, what happens, of course, in these situations is that these types of things tend to
aggregate under the general counsel, because when there isn't an obvious answer to something like
this, even if somebody's given particular responsibility, they report to the general counsel, because
the general counsel is the person that looks across the landscape of risk and looks across the
landscape of liability. And so, often that is what happens. Now, that isn't to say that the chief
information security officer, somebody doing a very important job, particularly in this world where
we're surrounded by cyber threats, isn't reporting up with a very different mandate, but for a similar
purpose to make sure that the enterprise is kept safe and threats are mitigated.
But in the ethical officer, if we call them that as a shorthand, how one can demonstrate to various
stakeholders that a corporation is handling data in an ethical way. I think that may sit under a
general counsel conveniently, or it may be something that goes through, for instance, the head of
internal audit. The head of internal audit, classically, has a direct reporting line to the chairman or
the senior independent director on the board, so that person can report independently of the
existing management structure. I can imagine honestly, for the want of a better title, the chief ethics
officer, information ethics officer in this sense, having a similar reporting line. But I do think that
fairly quickly, every corporation will need to have someone doing that function so that stakeholders
can be confident in how information is being used by the corporation.
42:40
Michael Kratsios
Totally. The only thing I would add was, wherever this ends up being, I think there's certainly roles
within a CIO office or CTO's Office of people who actually can do the technically rigorous analysis
that then gets fed up to the particular person responsible. And I think when you start scoping out
sort of, what are the technical expertises you need within your sort of CIO team or CTO team to
execute on these AI projects, I think you need people who are excited about the implementation and
the execution and building the model and deploying it, but you ultimately also need to think very
carefully about who is doing the testing and evaluation - are those people separate and distinct
from the people that are just trying to build the model - and creating even that kind of separation
within your organization, so you have some sort of checks and balances on the tech side.
43:24
Simon Freakley
That's a great call out, actually. If you think about, back to my head of internal audit analogy, the
head of internal audit will have a reporting line to the CFO, but actually have a direct dual reporting
line to the board. And I can see a similar model taking shape. So, maybe the person does have a
reporting line to the chief technology officer or CIO, but a separate reporting line elsewhere to
ensure that everybody can be confident that somehow a message isn't being lost through the
standard reporting structure of the enterprise.
43:52