At the end of each day, we will be compiling a daily round-up that will focus on key themes. We’re kicking off day one with artificial intelligence, biometrics and how identity technology intersects with regulation.

In the wake of the Facebook scandal there was much talk of the possible implementation of data privacy rules in the US, similar to the GDPR Directive now in force across Europe.

One of the first sessions of the day focused on how companies need to take another look at how identity is being protected and ensure that people have the right to be forgotten.

K&L Gates’ Judie Rinearson says that seeing Facebook ads does not make her feel “warm and fuzzy”, but “gives me the creeps”, adding that “the line is being now being crossed” in regard to unpermitted sharing of data.

An audience poll found 50% of the room in accord with the view that a GDPR-style regulation could be implemented by regulators, with barely one-in-five believing it would never come to pass.

Are adults concerned about their personal data being collected, asked another question: 35% thought that most were unaware, but another 35% believe online surfers are deeply concerned.

Rinearson explained the rights that GDPR has provided to members of the EU, but says that the concept of consumer ownership over personal data is too hard for people in the US to even fathom.

However, with the introduction of the California Consumer Privacy Act (CCPA), which has been referred to as ‘GDPR Lite’, Rinearson detects a shift in thinking, that could have big implications for the financial sector in the coming years.

Jumio's Robert Prigge joined the conversation and outlined the key ingredients of a GDPR-compliant data processor and how machine learning can be used to establish trusted identities.

Should the US implement a similar regulation to GDPR, there needs to be processes, or people, in place to enforce fines for those who are not compliant, like the ICO in the UK.

“GDPR empowers consumers and when you have their information, you should treat it with the utmost respect,” Prigge says, adding that “the intent of the law is to put consumers in the driver’s seat”.

However, the US cannot adopt “a simple copy and paste of GDPR” but some features of the law can be taken onboard, such as the right to explanation (Article 13), which can become problematic if machine learning is part of the system and customers need to be told how a machine extracted their personal data.

Alongside this, data minimisation could be a feature of any potential new regulation, which is a term that refers to how only needed information is taken, not stored and not reused without permission. Prigge concluded by saying that “every process needs to be re-looked at through the prism of GDPR”.

In a later session on the impact of artificial intelligence, Accenture’s Paula O’Reilly pointed to research which suggested that, contrary to popular belief, if companies invested in AI, revenue and employment would experience a boost by 2020, not the decrease of opportunities and loss of jobs that has been heavily reported on.

How humans and machines can work together for the greater good was another key theme. Looking at the introduction of chatbots by financial services institutions, Nick Sokolick from FaceMe remarked: “For every app, there are four chatbots being created, but there is a lack of emotional connection.” Commoditisation is also a concern, says Sokolick, with customers not being able to differentiate between different brands, because they all offer the same service with the same voice.

HSBC’s Jeremy Balkin says that bankers have now realised that the financial industry has lagged when it comes to customer experience and personalisation is needed, which can be done with improved intelligence.

The subject of personalisation was brought up yet again in another session in which Sofia Altuna from Google said that AI could support customer services, but also reduce cost and fraud with the introduction of conversational banking.

David Sosna from Personetics believes that banks should “find ways to create smart and intelligent engagement with customers” and financial professionals should be able to take data and teach machines how to interpret it by teaching them right from wrong.

Capital One's Ken Dodelin points out that current fraud alert systems for personal bank accounts comprise a basic a one-word text message because this is all that the system can understand. "Instead of training humans to act like machines, we should teach machines to understand humans,” he says.

One of the final sessions returned to the theme of GDPR and the need for a national ID in the US. At the moment, a form of identification is not mandatory unless you want to travel, for example, a driver’s licence or passport.

Megan Heinze and Jenny Openshaw from Idemia revealed that the US government is planning to standardise a mobile driver’s licence across states and this could be the GDPR-like standard that is needed.