Impact of Technology and Information Governance: impact of AI and Unconscious Bias


In Australia, New Zealand and around the world, the impact of social media and a 24/7 news cycle, has changed the ability of simple stories that would have been forgotten within days to be reported immediately and that the ‘trending’ of topics, indexed by hashtags (#) hurts the corporate world.  The need for clearer communications strategies, especially in times of crisis management, has never been so urgent.  Having a clear spokesperson, probably the CEO, who can explain events as they unfold and with transparency and integrity answer questions as are launched by journalists, competitors, regulators, lobbyists and shareholders, to name a few stakeholders.

There are a number of researchers that examine the thoughts of corporate directors and other governance professionals to predict trends that impact on the top concerns of people.  The importance of information governance is growing annually in the light of corporate governance requirements. 

Two particularly important sources are the US based Akin Gump lawyers “Top 10 concerns for Directors in 2018” and the King & Wood Mallesons “Directions 2018”.  The US lawyers focussed on (1) cybersecurity threats; (2) corporate social responsibility; (3) managing five generations of employees; (4) corporate strategy and (5) board composition, for the top 5 spots. This was followed by shareholder activism (6); internal independent investigations (7); SEC[1]regulatory relief (8); SEC enforcement (9) and 10thtrade sanctions with tax reform.[2]

The large Australian law firm, Mallesons, working with the AICD, have produced a “Directions 2016 and 2018”[3]for directors that focus on hot issues in a legal context.  The top 5 directors and senior executive s concerns are (1) managing IT and cyber-risks; (2) maintaining an appropriate corporate culture; (3) protecting brand reputation and (4) protecting information.

However, my independent research, as briefly described below, demonstrate that during the financial year 2018-2019, the six critical or major concerns of corporate officers are expressed within the acronym SEMTEX.[4]Remembering #SEMTEX could help directors from avoiding disasters that could blow up and cause corporate and personal damage.  The acronym SEMTEX stands for the following six areas of major concern for all directors:

S = strategy

E = evaluate of risks

M = multi-generational (diversity)

T = technology

E = environment (CSR)

X = toXic culture

This article will only focus on the technology aspect, for all the directors’ concerns, please read: 

Adams MA, 2018,  ‘Top 2018 governance concerns: #SEMTEX, Governance Directions, Vol 70, No 8, p 477 or online at

In many ways, technology, should probably be the top of directors and governance professionals minds.  This is because it will form part of most companies corporate strategy; it helps evaluate risks; it is part of the diversity debate; it provides data on the environment and CSR; as well as provides critical information on the culture, toxic or otherwise. Also, technology can be used for good or bad outcomes. It is not a simple ‘either or proposition’, but a complex decision-making tool to enhance the business, in a time of rapid change and true disruption to traditional industries.  Most boards would now understand how the taxi industry was changed around the world by the Uber application and business model.  Another classic example is hotels and accommodation that have been forever changed by AirBnB.  The disrupters made the app and business model, then waited for governments, competitors and regulators to challenge their legal standing. The true question is: what is next and what will happen in your industry or profession?

PricewaterhouseCoopers managing partner, Jon Williams, in 2018 stated that the firms international survey of 1200 top-tier companies showed that preparations for technological change was the only way seen to survive.[5]The PwC data found Australian businesses were lagging globally on a general level but excelling at creating flexible and adaptive work practices. The big end of town in Australia was particularly good in this area, but local businesses were significantly under-performing at the open and transparent narrative of preparing for the future of work, automation and artificial intelligence (AI).[6]There is even some debate about how digital culture is rewiring our brains through neuroplasticity, led by Professor Susan Greenfield at Oxford University.[7]There is clear medical evidence that our brains will adapt to changing environments and many studies have shown that gen-Y and gen-Z are spending up to 30 hours per week on screens and making them less social at school or university.

The Information Governance ANZ association, conducted a 12 month survey between July 2016 to 2017, which found that 98% said that defining and implementing an information governance (IG) framework for their organisation was important. 81% found that a lack of understanding or awareness of the value of IG by their organisation was the biggest risk and obstacle for implementing best practices. The accepted definition of IG was:

“The activities and technologies that organisations employ to maximise the value of information while minimising associated risks and costs”

IG activities commonly include data governance; records management/storage/archiving; information security/privacy and eDiscovery. Only 55% of respondents organisations had formal IG frameworks across Australia and New Zealand. The key drivers were external regulatory compliance or legal obligations and good business practices. Obstacles identified for implementing IG frameworks were lack of understanding and change management processes (people and culture) and areas working in silos.[8]

Thus, technology can have a good upside to reduce costs and risks and generate additional revenue.  Alternatively, it can expose a company to major costs and reputation damage if something goes wrong with the use or abuse of the technology. Some recent case examples include Facebook allowing data analytics company, Cambridge Analytica, to use 50 million users data to influence the Brexit vote in the UK and the 2016 US Presidential campaigns. This breach was known in March 2018 and led to the CEO (Alexander Nix) of Cambridge Analytica has been suspended, as well as the resignation of Facebook chief information security executive (Alex Stamos) has resigned and it has been stated that Facebook lost $US47 billion[9]from the share market. By the end of April 2018 Facebook had shrugged off the scandal and advertising revenues had increased.  The rollout of the European Union new General Data Protection Regulation (GDPR) was likely to have a much more significant impact. Users would be encouraged to apply more privacy and restrict data of consumers, would cause uncertainty for advertisers and online platforms. Facebook CEO (Mark Zuckerberg) has been required to testify in front of the US Senate and the European Commission.

The GDPR and the concept of data breach reporting, has become a major platform of information governance and concern for many boards.  The launch date of the GDPR on 25thmay 2018 applies to all companies doing business in Europe.  It is the largest change to data protection laws in 20 years and finally harmonises laws across all members of the EU. Australian businesses of any size may be required to comply with the EU laws, if their goods or services are in the EU region. At a more local level, the CBA in June 2016 accidentally sent 651 internal emails, which had attached 10,000 customers detailed, to the wrong email address in the USA.  A full investigation has shown that a breach occurred, but the data did not include specific personal information of the CBA customers.  The mistake occurred because the email address was (which the bank did not own until January 2017) rather than the official domain of[10]

On a more strategic level, boards need to understand AI, across a range of fields and disciplines.  Even in law, the growth in expert systems is occurring at a rapid rate of growth.  Michael Mills, co-founder and chief strategy officer of Neota Logic, in a white paper, “Artificial Intelligence in Law: the state of play 2016” notes that the big forest of academic and commercial work around the science and engineering of making intelligent machines is impacting on eDiscovery, legal research, compliance, contract analysis, case prediction and document automation.[11]Even the High Court is becoming engaged in such matters, with a very recent referral of Michael Trkulja against Google, over the search engine producing wrongful images, even though the defamation case had been settled in 2012 ($200,000 by Google and $225,000 by Yahoo, for the 2004 events that produced material in searches from 2009).[12]  The Victorian Supreme Court of Appeal was not to strike out that matter, as directed by the HCA. The search results gave the impression that Mr Trkulja was part of a Melbourne under-world criminal gang rather than a legitimate business person. The case will return to the Victorian Supreme Court for determination.[13]

One concern with AI is that machine learning expression spurs a false sense of security in a holistic and fair selection process.  Whereas, AI is based on training data and that original data and/or the original formulas/algorithms were all created by humans with a natural degree of bias.  Thus, AI can cause unconscious bias and as Alexa Gorman (global vice-president of SAP) speaking at Inspirefest (20thJuly 2018) stated, “without diversity in machine learning, AI is bound to have unconscious bias”. Many examples are coming to light in the area of employment hiring practices to simple searches for picture of occupations and professions from the main search engines. 

In the legal profession, AI or machine learning, may provide the answers to the Hon Justice Michael Kirby’s prophesy in 2004, when he stated:

“artificial intelligence would help lawyers to solve problems: to analyse questions; to get the statute and the common law right. Lawyers will speak to a computer and ask for an immediate analysis of the latest authority of the High Court of Australia…….a thinking machine will do in minutes the analysis that would take a contemporary lawyer a thousand hours and countless cups of strong coffee to accomplish.”[14]

A real example of this approach, has been the development of an Australian tax AI program, out of South Australia by Cartland Law, known as “AILIRA”[15](Artificial intelligence legal information research assistant). To watch a video of this program in action, see:


Professor Michael A Adams

Professor of Corporate Law & Governance, School of Law, Western Sydney University
Member of the Advisory Board of Information Governance ANZ

[1]Securities & Exchange Commission is the US Federal regulator of public listed companies and has similar powers to ASIC.

[2]Akin Gump, 2018, ‘Top 10 topics for directors in 2018’ reported in Harvard Law Forum on Corporate Governance and Financial Regulation (3 January 2018).

[3]AICD/KWM, 2018, ‘Directions 2018: the rise of the intangibles and a new recipe for trust’.

[4]This phrase was first used on 6thJune 2018 at NSW Governance and Risk Forum and reported by Jerome Doraisamy, 2018, “Counsel must play role in evolving governance structure” (13 June) Lawyers Weekly: Corporate Counsel Semtex was the plastic explosives developed in Czechoslovakia in the 1960s for construction work, but also used by terrorists in the infamous Lockerbie (Pan Am Flight 103) aircraft explosion, killing all on board. 

[5]David Marin-Guzman, 2018, ‘Business not ready for future’, 8thMarch, AFR 11.

[6]PwC Global, 2018, ‘Workforce of the Future: competing forces shaping 2030’,

[7]Susan Greenfield, 2012, ‘How digital culture is rewiring our brains’, 7thAugust, The Sydney Morning Herald 11.

[8]Information Governance ANZ, 2017, ‘IG Industry Survey Report’.

[9]Byron Tau, 2018, ‘Facebook sheds $47bn as data access crisis explodes’, 21stMarch, The Australian 24

[10]Clancy Yates, 2018, ‘CBA sent personal data to wrong site’, 2ndJune, The Sydney Morning Herald 4.

[11]Michael Mills, 2016, ‘Artificial Intelligence in Law: the state of play 2016’, Thomson Reuters: Legal Executive Institute

[12]Michael Pelly, 2018, ‘Google libel test case can proceed’, 14thJune, The Australian 6.

[13]Trkulja v Google LLC [2018] HCA 25 (13 June 2018).

[14]Justice Michael Kirby, ‘A Law Libraries Love Affair’ (2004) 12(4) Australian Law Librarian7; as cited in Dr Terry Hutchinson, ‘Legal research in the fourth industrial revolution’ (2017) 43(2) Monash Law Review 567.