Sign in Subscribe
3 min read

Week 29, 2024 - Interesting Things

This is my attempt at a potential new series summarizing interesting things I've read this week. I started with an aim of five things, but it's taking longer than I thought so only four this week. I've linked all the original articles, and I believe they're all freely available. However, I would encourage anyone to support the original authors.

AI and EU privacy law: June 2024 state of play

Mikolaj summarises the current state of AI and EU privacy law. The critical point here is this is an ongoing (and fascinating) conversation. This means that the points below are potential issues and points of discussion but should not be considered agreed positions by anyone.

  • GDPR could threaten the scraping of Internet data to train models. The concern is whether processing personal data this way can be considered a 'legitimate interest', the only viable basis. A further potential obstacle is legitimate interest cannot be applied to special categories of personal data, such as race or health data. When processing large amounts of data, it is nearly impossible to avoid collecting such information as a strict reading of GDPR would necessitate.
  • Extending this even further, if a model is considered to contain personal data, storing or sharing those models would count as data processing under GDPR. This would pose a significant challenge to the research and development of open models, which have less control over what happens to their models and weights.
  • There is disagreement on whether AI models contain personal data, even when potentially trained on them. Mikolaj's article presents the disagreement from the Hamburg DPA perspective, which argues that individual language tokens cannot be associated with individuals, versus the French CNIL perspective, which claims that there is a 'risk of regurgitation' of personal data, particularly from the less advanced and overfit models.
  • GDPR requires data processing to adhere to 'the principle of accuracy' and to give a mechanism to rectify data or request its removal. However, for specific information within an AI model, this might be impossible, or at least prohibitively expensive, and the current approach is to block those requests from the model. Forcing companies to retrain models to update data could impose significant costs that smaller developers cannot absorb or may make it prohibitively expensive for any organisation to offer an AI model in the EU.

Keystone Kop Valuations: Lazard, Evercore and the TSLA/SCTY Deal

This is actually a really old article (it's from 2016), but I came across it while watching one of Prof. Damodaran's videos on YouTube.

The article is about Tesla's acquisition of Solar City in 2016. There were massive conflicts of interest in this deal as Musk was the largest stockholder in both companies, the CEO of Tesla, and his cousin was the CEO of Solar City. To create the illusion of fairness, Tesla's board hired Evercore Partners to assess the deal, and Solar City's board hired Lazard.

I won't go through all the details here; the article is interesting, even if you know little about valuation. Unsurprisingly, neither Lazard nor Evercore attempted an accurate valuation, which was expected. They're hired to make this look like a good deal, not to assess whether it is, and that involves playing with numbers until you get the answer you're looking for. Further, Evercore had to make the price paid look low (i.e. good for Tesla) while Lazard had to make it look high (i.e. good for Solar City), so they can't even be consistent.

But in this case, Evercore assumed that Solar City would grow faster than the economy forever to justify the price. There is a not-very-fine line between making assumptions that are unlikely to come true, which is to be expected with incentives like this, and assumptions that are literally impossible.

Third Plenum readout

The Third Plenum is a meeting of the Central Committee of the CCP and is focused on economic issues. Given the current economic situation in China, there was a lot of interest in the announcements that came out of this meeting.

The link above is to Bill Bishop's summary of the communique. More information will come out in the next week or so, which may change the story, but at the moment, it looks like anyone hoping for a change in approach will be disappointed. Leadership seems to believe they are on the correct path and will continue.

CrowdStrike causes worldwide IT outage

There are massive worldwide IT outages ongoing at the moment. I'm not going to try to list them all, but airports, train lines, and the NHS seem to be affected so far.

The current explanation for what's happened, which isn't fully confirmed, is that this was due to a change in CrowdStrike Falcon. CrowdStrike is a cybersecurity platform, and Falcon is their agent, installed on devices. A change appears to give Windows users the 'blue screen of death'. From what I understand, whatever was broken is now fixed, but that doesn't resolve the issue on devices that have already been bricked.

This Reddit thread gives some insight into the scale of the issues. CrowdStrike shares are down 15.8% premarket at the time of writing.