Answer: D - Before deploying customer-facing AI-powered chatbots to serve their customers, financial institutions must reasonably consider Privacy Framework Principles, Cybersecurity Framework and foreseeable reform of policies governing the use of such systems to protect consumers’’ privacy rights.
The Privacy Framework considerations may include (but not be limited to) the following:
● How customers’ information will be collected
● How long the information will need to be retained to serve its purpose
● How customers will request and receive the information that has been obtained
● How will customers update the information on file
● How will the information be secured
● How will the information be processed
● How will the information be used
● How will the information be shared
● Methods by which the customer will be informed of data collection, use, storage, and sharing practices
● What are the methods by which a customer will provide consent for the collection, use, storage, and sharing practices
● Why the information is necessary to serve the customer and carry out the transactions
The Cybersecurity Framework will cover how consumers’ data will be secured. The National Institute of Standard and Technology provides an outline for the development of a suitable cybersecurity framework.
The organization will also need to consider and follow policies, laws, and regulations that will govern the use of this type of technology in their industry.