Are You Afraid of the Dark?

Being afraid of the dark is sometimes used to infantilize a person. Fear of the dark is often equated with scared children and fantasy monsters inside of dark closets. But the truth is that we are all afraid of the dark. The dark is the most obvious manifestation of a fear that transcends ages, fear of the unknown. Walking into an unfamiliar room or part of town in the dark is much scarier than in the light because we have full command of our senses and can actually see around the corner into the alley or through the doorway before we walk in. The same fear of the unknown also paralyzed people and organization when making decisions. Just as the dark is the most obvious manifestation of this fear in our everyday lives, the fear of an artificial intelligence (AI) implementation is the most obvious example in organizations trying to gain new value from and AI deployment. In the same way that our senses are challenged in the dark, decisions about AI can be frozen over fear of what we cannot see. A few specific things we cannot see are the regulatory and legal changes that are coming that will affect an organization’s ability to use AI and stay in compliance into the future. Smart executives are right to proceed with caution when they use customer data, financial data, data protected under attorney-client privilege, or other restricted data types. If an AI solution will be in violation of a future regulatory regime, implementing it now could backfire. However, in 2025 we are going to get a glimpse inside the dark room of future regulation as the Maryland Online Data Privacy Act (MODPA) takes effect in October. This state privacy law is remarkable for several reasons, and it gives organizations everywhere a peek around the corner on what is likely to come regarding data privacy and what that means for AI. In this article, we will walk through the MODPA and talk about what it means for organization inside and outside of the state. And of course, what this means for your AI ambitions in 2025. 🧩Piecing Privacy Together Many privacy advocates have long dreamed of the broad based, monolithic federal privacy law that would be the US version of the EU’s General Data Privacy Regulation . Whether you know it or not, GDPR has already impacted you as you click “Accept All” on the cookie banner on the websites where you get your sourdough recipes. It goes considerably farther than that imparting the rights within to EU citizens regardless of whether they are inside the EU or not. Since its passing, many have hoped for a US version that builds on and improves GDPR, but the wait for such federal legislation is ongoing and does not have an end in sight. In the meantime, states such as California (in 2018) and Colorado (in 2021) passed their own privacy laws. But as the field of privacy continues to mature and as data is generated and manipulated at massive scales, privacy laws are evolving. Share Anchored in the Fair Information Practice Principles (FIPP), the US approach to privacy has been piecemeal. As more states continue to take it upon themselves to enact laws to protect their citizens and as the federal legislature drives farther from unity on privacy, the US approach will almost certainly be cobbled together creating a somewhat confusing legal landscape. However, these laws share some characteristics and careful study of the newest laws will help us shed some light on this darkness and open the door for confident deployments of AI. 📝MODPA Set to go into effect in October of 2025, MODPA has some important distinctions that will impact organizations inside and outside of the state. MODPA has some provisions that are similar to other state privacy laws such as: Right to opt out of sales of personal data Prevents discrimination based on the choice to opt out Requires organizations to post privacy policies Requires organizations to conduct privacy impact assessments MODPA also takes a significant step by lowering the threshold for application of the law relative to other states. Whereas some organizations have been able to stay under the often 100,000 consumer threshold, MODPA lowers the threshold to control of the data of 35,000 consumers or control of at least 10,000 consumers and derived more than 20% of the organizations gross revenue from the sale of personal data. MODPA also sets strict data minimization requirements that in some cases are stricter than GDPR. Further, it restricts the personal data of minors and imposes obligations regarding consumer health data. 💡Shedding Some Light There is a clear trend visible beginning at GDPR and running through MODPA. US states are evaluating and learning from previous privacy legislation and fixing loopholes and improving requirements. Privacy restrictions on data are getting more restrictive and are applying more broadly. While some may read this line as a negative, there’s opportunity for the executives and organizations that have the vision to capitalize on the trend. Even if MODPA does not apply directly to you, it provides a window on what a future law or regulation that will apply to you might look like. Things like minimization requirements, privacy policies, privacy impact assessments, and industry specific requirements are coming and are likely to be the norm in five years. This trend opens the door to the use of AI in new ways that will make early adopters the leaders in their respective industries by a margin that will be difficult to close. Considering privacy when defining your AI use cases is the first step toward being ahead and staying ahead. With the view around the corner that we are getting with the passage of MODPA, we have the opportunity to build systems and solutions that provide the AI capabilities you need for your use cases while preserving privacy and staying compliant with future regulatory regimes. If you are afraid of the dark, a few tips. First, don’t be ashamed. We are all afraid of the dark. Second, if it is dark, find a way to shed some light, even if you can’t see the whole room. These clues will help you get more comfortable and let you proceed with your goals. Third, look for opportunity. Maybe you can use your creativity to see something that will give you an indication of how to grow, create, and dominate while others attempt to feel their way through darkness. After all, what’s in that scary looking closet might not be a monster but a use case that will bring your organization mission value, market share, and positive workforce experience. Subscribe now Leave a comment Connect with us: Substack , LinkedIn , Bluesky , X , Website To learn more about the services we offer, please visit our product page. Nick Reese is the cofounder and COO of Frontier Foundry and an adjunct professor of emerging technology at NYU. He is a veteran and a former US government policymaker on cyber and technology issues. Visit his LinkedIn here . This post was edited by Thomas Morin, Marketing Analyst at Frontier Foundry. View his LinkedIn here .