Rules Navigator

Five DPAs commit to joint declaration on innovative and privacy-protecting AI

John Edwards, Dale Sunderland, Marie-Laure Denis, and Haksoo Ko.
(From left) John Edwards, Dale Sunderland, Marie-Laure Denis, and Haksoo Ko. Photo: CNIL

Martina Lindberg

 Click to share on Facebook (Opens in new window/tab) Click to share on Twitter (Opens in new window/tab) Click to share on LinkedIn (Opens in new window/tab) Click to share on WhatsApp (Opens in new window/tab)

The data protection authorities aim to build a reliable governance framework for trusted AI.

Data protection authorities in Australia, Korea, Ireland, France, and the UK have signed a joint declaration to continue their commitment to establish data governance that fosters innovative and privacy-protective AI.

The initiative aims to promote innovation to build a reliable governance framework for AI with clear standards and requirements, and to provide legal certainty for stakeholders, and safeguards and transparency for individuals.

And even though AI brings many opportunities in fields of innovation, research, economy and society, the declaration also states that AI poses “significant risks with respect to the protection of fundamental rights such as data protection and privacy.” Including risks of “discrimination, misinformation and hallucination that are often caused by the inappropriate processing of data.”

The authorities therefore advocate to incorporate data protection principles by design in AI systems in order to be compliant with privacy regulations. This includes the need to embed privacy-by-design principles into AI systems from first planning stage, as well as implementing a robust internal data governance framework that covers risks throughout the entire lifecycle of an AI system.

“We recognize the need to fully cultivate public trust and harness the transformative benefits AI could bring. We recall that AI should be developed and deployed in accordance with data protection and privacy rules and other norms,” the declaration states.

Main commitments

The authorities’ main commitments include:

  • clarifying legal bases for AI processing data;
  • sharing information and establishing security measures;
  • monitoring technical and societal impacts of AI – which will involve various other actors;
  • motivating innovation while reducing legal uncertainty; and
  • strengthening cooperation with other authorities (such as consumer protection, competition, intellectual property).

[AI poses] “significant risks with respect to the protection of fundamental rights such as data protection and privacy.”

The joint declaration

The declaration was signed at the AI Action Summit in Paris which took place from February 6-11, at an event hosted by the Commission nationale de l’informatique et des libertés (CNIL) and Personal Information Protection Commission (PIPC) of South Korea in collaboration with the Organisation for Economic Co-operation and Development. It was signed by:

  • Haksoo Ko, Chairperson, Personal Information Protection Commission, Korea;
  • Marie-Laure Denis, President, Commission Nationale de l’Informatique et des Libertés, France;
  • John Edwards, Commissioner, Information Commissioner’s Office, United Kingdom;
  • Dale Sunderland, Data Protection Commissioner, Ireland; and
  • Carly Kind, Privacy Commissioner, Office of the Australian Information Commissioner, Australia.
, , , , , , , , , , , , ,

You may also like