What is AI ethics?

AI ethics is not a single rule or regulation — it is a cluster of interconnected concerns that arise whenever an automated system makes or informs a decision that affects people.

Fairness asks whether an AI system treats individuals and groups equitably. A hiring algorithm that screens out women at a higher rate than men fails the fairness standard even if no one intended it to discriminate.

Accountability asks who is responsible when an AI system causes harm. If a bank's credit-scoring model rejects a qualified applicant based on a flawed signal, it matters greatly whether the bank, the model's vendor, or the regulator is responsible for the outcome.

Transparency asks whether the reasoning behind a decision can be understood and explained. Many modern AI systems, particularly deep learning models, produce outputs without any interpretable explanation — a property sometimes called the black-box problem. When a patient is denied coverage or a job offer is withdrawn, opacity makes redress almost impossible.

Privacy concerns how personal data is collected, stored, and used in training and operating AI systems. Safety covers the risk that an AI system behaves in unintended or dangerous ways, from a self-driving vehicle misclassifying a pedestrian to a medical-diagnosis tool recommending the wrong treatment.

These five concerns — fairness, accountability, transparency, privacy, and safety — form the working vocabulary of AI ethics. Organisations such as the AI Now Institute have documented how failures in each area produce real-world harm, particularly for communities already facing systemic disadvantage.

Algorithmic bias occurs when an AI system produces systematically unfair outcomes for particular groups. It usually originates in training data — because historical records often encode past discrimination, a model trained on that data will reproduce and sometimes amplify it.

The consequences can be serious. In 2019, a study published in Science revealed that a healthcare algorithm widely used across US hospitals assigned lower risk scores to Black patients relative to their true health needs, effectively reducing their access to care. The algorithm had been trained on historical spending data, which reflected longstanding disparities in treatment, not the actual severity of illness.

Hiring tools have shown similar patterns. Amazon famously scrapped an AI-powered recruitment tool after discovering that it consistently downgraded resumes from women. The system had learned from ten years of predominantly male hiring decisions and treated male-coded language as a signal of quality.

Facial recognition is another documented problem area. Independent audits — including research published by MIT Media Lab — found that commercial facial recognition systems had error rates up to 34 percentage points higher for darker-skinned women compared with lighter-skinned men, despite similar overall accuracy headlines.

Bias auditing has emerged as a response: a systematic process of testing AI systems for disparate outcomes across demographic groups before and after deployment. Some jurisdictions now require it. The NIST AI Risk Management Framework provides guidance on how organisations can structure bias evaluation as part of a broader risk management process. Crucially, auditing treats bias detection as an ongoing operational requirement rather than a one-time pre-launch check.

AI systems at scale consume enormous quantities of data — and much of that data involves people who did not consent to its collection or use in this way.

Large language models are trained on text scraped from the public internet, including personal blogs, forum posts, professional profiles, and journalistic archives. Image-generation systems are trained on hundreds of millions of photographs, many taken from photographers and illustrators without permission or compensation. Legal challenges from publishers, artists, and journalists are making their way through courts in multiple jurisdictions, raising unresolved questions about what copyright law permits when training data is used at this scale.

Facial recognition compounds the privacy concern. Clearview AI built a database of more than 30 billion scraped images to power a facial recognition service sold to law enforcement, without obtaining consent from the individuals pictured. Several regulators in Europe and Canada found this violated data protection law. The episode illustrated how AI can transform publicly visible information into a surveillance instrument without any deliberate act by the people being tracked.

Deepfakes — AI-generated synthetic media that realistically depicts real people saying or doing things they never said or did — raise a related set of harms. They have been used to generate non-consensual intimate imagery, to spread AI-generated misinformation and deepfakes, and to manipulate public perception during elections. Detection tools exist but consistently lag behind generation capabilities.

For organisations, digital privacy obligations intersect directly with AI: if a system processes personal data as part of its operation, the full requirements of GDPR or equivalent legislation apply — including data minimisation, purpose limitation, and the right to explanation when automated decisions produce significant effects.

The ethical questions raised by AI have moved firmly into the regulatory arena. The EU AI Act is the most comprehensive framework to date. It establishes a risk-tiered approach: AI applications considered unacceptable — such as real-time biometric surveillance in public spaces and social scoring by governments — are prohibited outright. High-risk applications, including those affecting employment decisions, credit access, and criminal justice, must meet stringent requirements for transparency, human oversight, and technical documentation before they can be deployed in European markets. Lower-risk systems face lighter-touch obligations, primarily around disclosure.

In the United States, an executive order on AI issued in 2023 directed federal agencies to develop sector-specific guidance and required developers of the most powerful AI systems to share safety test results with government before public release. The approach is more fragmented than the EU model, with different standards emerging across healthcare, financial services, and defence.

For organisations, responsible AI use is increasingly a matter of operational risk management as much as ethics. A biased hiring tool can generate employment tribunal liability. A data-hungry customer service AI can produce GDPR violations. An opaque credit algorithm can violate the Equal Credit Opportunity Act. The Partnership on AI has published practical frameworks for governance that translate principles into process: appointing accountability owners, establishing model documentation standards, running bias audits before deployment, and creating clear channels for affected individuals to raise concerns.

For individuals, responsible use starts with knowing what AI systems are operating on your behalf or making decisions about you — and exercising the rights to access, explanation, and contestation that data protection law in many jurisdictions already provides.

AI ethics is not a destination. As capabilities advance and applications multiply, the questions evolve. What makes the field practically valuable is not a fixed answer to every dilemma, but the habit of asking — before deployment, not after — who is affected, what could go wrong, and who will be accountable when it does.