IBM's Principles for Trust and Transparency

Earning the trust of our clients and society by operating with trust and transparency

For more than a century, IBM has earned the trust of our clients by responsibly managing their most valuable data. And we have worked to earn the trust of society by ushering powerful new technologies into the world responsibly and with clear purpose.

IBM continues to follow core principles, grounded in commitments to trust and transparency, that guide its handling of client data and insights. These principles also guide its responsible development and deployment of new technologies, such as IBM Watson® to the more advanced watsonx™. 

We encourage all technology companies to adopt similar principles to protect client data and insights, and to ensure the responsible and transparent use of artificial intelligence (AI) and other transformative innovations. We offer our own Trust and Transparency Principles here as a roadmap. They include:
The purpose of AI is to augment human intelligence

At IBM, we believe AI should make all of us better at our jobs, and that the benefits of the AI era should touch many, not just an elite few.
Data and insights belong to their creators

IBM clients’ data is their data, and their insights are their insights. We believe that government data policies should be fair and equitable, and prioritize openness.
New technology must be transparent and explainable

Technology companies must be clear about who trains their AI systems, what data was used in that training and, most importantly, what went into their algorithm’s recommendations.
AI for human intelligence

The purpose of AI and cognitive systems developed and applied by IBM is to augment, not replace, human intelligence. Our technology is and will be designed to enhance and extend human capability and potential. IBM is investing in initiatives to help the global workforce gain the skills needed to work in partnership with these technologies.

Investing in skills for the era of man and machine

  • IBM does not believe that taxing automation or penalizing innovation is an effective substitute for investing in the workforce of the future.

  • IBM is working with policymakers to modernize education systems to emphasize in-demand skills rather than focusing solely on specific academic degrees.

  • Better preparing more students and workers for modern careers, including well-paying new collar jobs, will help ensure that more people have an opportunity to benefit from technology-driven economic growth.

  • IBM encourages governments to:
    • Better align education with in-demand skills and competencies;
    • Support business investment in retraining employees; and
    • Encourage individuals to invest in skills for career advancement.

Data and insights belong to their creators

IBM clients’ data is their data, and their insights are their insights. Client data and the insights produced on IBM Cloud® or from IBM’s AI are owned by IBM’s clients. 

Clients are not required to relinquish rights to their data—nor the insights derived from that data—to have the benefits of IBM’s solutions and services. 

  • IBM client agreements are transparent. We will not use client data unless they agree to such use and we will limit that use to the specific purposes clearly described in the agreement.
  • IBM employs industry-leading security practices to safeguard data. This includes use of encryption, access control methodologies and proprietary consent management modules, which allow us to restrict access to authorized users and to de-identify data in accordance with applicable permissions.

 
IBM is fully committed to protecting the privacy of our clients’ data, which is fundamental in a data-driven society.

How we advance data privacy

  • While there is no single approach to privacy, IBM complies with the data privacy laws in all countries and territories in which we operate.
  • IBM was an early leader in developing and adopting the European Union (EU) Data Protection Code of Conduct for Cloud Service Providers for several offerings. IBM secured certification under the US-EU Privacy Shield and the APEC Cross-Border Privacy Rules. And it established a comprehensive compliance framework to help ensure general data protection regulation (GDPR) compliance for all IBM products and services.
  • IBM will advocate for strong and innovative means to enhance privacy and data protection, and will continue to invest in privacy-enhancing technologies.
  • IBM supports global cooperation to facilitate mutual recognition of privacy regimes to enhance and facilitate cross-border data flows.

IBM is devoting our powerful engines of innovation to create tools to protect our clients, their data and global trade from cyberthreats. We are also convening a broader discussion on balancing security, privacy and freedom.

  • IBM client agreements are transparent. We will not use client data unless they agree to such use and we will limit that use to the specific purposes clearly described in the agreement.
  • IBM employs industry-leading security practices to safeguard data. This includes use of encryption, access control methodologies and proprietary consent management modules, which allow us to restrict access to authorized users and to de-identify data in accordance with applicable permissions.

IBM has not provided client data to any government agency under any surveillance program involving bulk collection of content or metadata.

  • In general, if a government wants access to data held by IBM on behalf of an enterprise client, we would expect that government to deal directly with that client.
  • We do not provide access to client data stored outside the lawful jurisdiction of any government requesting such data, unless the request is made through internationally recognized legal channels such as mutual legal assistance treaties (MLATs).
  •  If we receive a request for enterprise client data that does not follow processes in accordance with local law, we will take appropriate steps to challenge the request through judicial action or other means.
  • If we receive a government request for enterprise client data that includes a gag order prohibiting us from notifying that client, we will take appropriate steps to challenge the gag order through judicial action or other means.
  • We will continue to work closely with governments and clients to balance the protection of data with law enforcement’s obligation to conduct lawful investigations of criminal activity.
  • IBM supports measures to increase the transparency, oversight and appropriate judicial review of government requests for data, including modernized international agreements on legal assistance.

IBM views the free movement of data across borders as essential to 21st century commerce.

  •  IBM supports digital trade agreements that enable and facilitate the cross-border flow of data and that limit data localization requirements.
  •  IBM believes that clients, not governments, should determine where their data is stored and how it is processed. Mandating that data be kept or processed within national boundaries does not make it safer from hackers or cybercriminals.
  • IBM continues to make significant investments in cloud data centers around the world to give clients the flexibility to decide where to store and process their data. These decisions should generally be driven by client choice rather than government mandate.
Transparent and explainable AI

For the public to trust AI, it must be transparent. If we are to use AI to help make important decisions, it must be explainable.

IBM will make clear:

  • When and for what purposes AI is being applied in the cognitive solutions we develop and deploy.

  • The major sources of data and expertise that inform the insights of cognitive solutions, and also the methods used to train those systems and solutions.

  • That while bias can never be fully eliminated, and our work to eliminate it will never be complete, we and all companies advancing AI have an obligation to address it proactively. Therefore, we continually test our systems and find new data sets to better align their output with human values and expectations.

  • The principle that clients own their own business models and intellectual property and that they can use AI and cognitive systems to enhance the advantages they have built. We will work with our clients to protect their data and insights, and will encourage our clients, partners and industry colleagues to adopt similar practices.

  • Our firm support for transparency and data governance policies that will ensure people understand how an AI system came to a conclusion or recommendation.
 Download IBM's Principles of Trust and Transparency
Next steps

Explore the IBM Policy blog to stay informed on the world's most pressing tech policy topics, from AI to quantum and more.

 Explore the IBM Policy blog