November 13, 2023
The National Retail Federation released its Principles for the Use of Artificial Intelligence in the Retail Sector to support the industry’s artificial intelligence (AI) governance and strategic planning.
Developed through NRF’s Center for Digital Risk & Innovation, the principles aim to encourage appropriate and effective governance of AI, promote consumer trust and facilitate ongoing innovation and beneficial use of AI technologies. Based in Washington, DC, NRF is the largest retail trade organization in the United States and worldwide.
“Retailers use AI to better serve their customers, improve the shopping experience and increase the efficiency of their operations,” said Christian Beckner, NRF vice president of retail technology and cybersecurity and executive director of the NRF Center for Digital Risk & Innovation, in a statement.
“As retailers of all sizes continue to expand their AI capabilities, these general principles for the use of AI are increasingly critical to the industry,” he said.
Retail AI landscape
The retail sector in the U.S. and even in other global markets is an active user of AI capabilities and tools to support a wide variety of business objectives.
Retailers are using AI capabilities to support a variety of use cases, including demand forecasting, inventory planning, consumer marketing, customer service, warehouse operations and fraud prevention.
More recently, emerging generative AI capabilities are leading to the development of new retail use cases, including in areas such as chatbots, product design and website content management.
Retailers of all sizes are expanding their AI capabilities, both directly and using third-party tools and services.
Larger retailers are making significant direct investments in AI capabilities, and retailers of all sizes can access and deploy new generative AI tools and AI-as-a-service capabilities and invest in AI at scale.
These capabilities create an imperative for retailers to maintain strong internal governance of AI capabilities and develop general principles for their use of AI.
NRF has developed these principles through its Center for Digital Risk & Innovation to encourage appropriate and effective governance of AI, support consumer trust and facilitate ongoing innovation and beneficial use of AI technologies.
These principles are generally aligned with other broader statements of principles that have been issued by government agencies and companies over the past year.
Retailers can use and tailor these principles to support their internal AI governance and strategic planning. Per the NRF white paper:
Governance and risk management
Retailers should develop strong internal governance of AI tools and capabilities as a foundational basis for managing risks and ensuring that AI delivers expected benefits.
Retailers should develop company-wide governance practices for the use of AI, involving not only the company’s direct AI or data science teams but also stakeholders in legal, compliance, marketing, communications and other business roles.
Company-wide governance teams should have responsibilities for risk management, oversight and security of AI capabilities throughout the lifecycle, from testing to deployment to post-deployment monitoring.
Retailers should develop practices to maintain internal awareness of AI tools in deployment, the current and planned use cases for these tools, and the data sets used to support them.
Retailers should be proactive in assessing and reporting emergent AI-related risks, especially those from external adversarial activities by cyber criminals and fraudsters.
Customer engagement and trust
Retailers should be transparent about their uses of AI that have a legal or similarly significant effect on a customer, establish safeguards to prevent unlawful discrimination against protected classes of individuals, and align their governance of consumer-facing AI applications with existing internal privacy, cybersecurity and other data governance policies.
Retailers should remain focused on customer trust with respect to their use of AI tools and capabilities, ensuring that these tools support the customer experience and do not inadvertently harm or undermine their trust.
For AI tools that use customers’ personal data, retailers should be transparent about how they are using these tools to support the customer experience where their use of AI could have a legal or similarly significant effect on a customer. They should strive to ensure that their uses of AI are explainable, with appropriate exceptions from disclosing AI capabilities that protect the company and its customers against malicious activity.
When using AI-enabled technology to serve customers, retailers should carry out internal oversight, develop safeguards and engage with their AI developers and other third parties to prevent automated outcomes that unlawfully discriminate against protected classes of individuals.
Retailers should develop additional internal controls, including human oversight and engagement, for AI capabilities that facilitate monitoring in stores for purposes of security, fraud prevention and asset protection.
Workforce applications and use
Retailers should engage in ongoing oversight and review of AI applications that may directly impact employees or that can be used by the workforce to support business needs.
Retailers should develop and deploy AI applications that affect hiring and promotions for employees with clear guidelines and in a manner consistent with all applicable laws and regulations.
Retailers should engage in ongoing oversight and review of AI-enabled capabilities that monitor or assess employee performance to ensure compliance with existing laws and regulations.
Retailers should consider providing guidelines to their employees about the use of publicly available generative AI tools within the company, including appropriate warnings about inadvertently exposing trade secrets and other non-public company information.
Business partner accountability
Retailers should establish clear guidelines and expectations for business partners that are providing AI tools, data sets and services.
Retailers should consider integrating AI governance into their existing third-party risk management activities and contracts to establish expectations for vendors and service providers with respect to their own AI governance.
Retailers should strongly encourage technology service providers to be transparent to them about their own AI governance, including with respect to the applications, data sets and algorithms they are using in support of retail AI use cases.
NRF will update these principles and guidelines periodically based on additional stakeholder input and broader changes to the use of AI within the retail sector.
NRF also plans to develop reports and guidelines in the coming months that provide additional context and assist retailers with using these principles, including general assessments of specific retail AI use cases and a retail sector AI risk management profile that maps to the National Institute of Standards and Technology AI Risk Management Framework.