On 10-12 June, I attended the Global Privacy Symposium in Venice. The event cascaded ongoing data privacy themes intertwined with cybersecurity, AI, and other regulatory policies affecting the mobile ecosystem. The Symposium highlighted global data privacy evolution that continues to impact the present and future landscape, ranging from technology, regulatory, policy, marketplace, democracy, digital rights, consumers, and geopolitical lenses.
Trust, accountability and interoperability governance
Regulators, policymakers, and the marketplace have been advocating the importance of trust (both offline and online). Building an organic culture of trust and accountability takes considerable time and effort to cascade its relatable narratives to data subjects or consumers. There is a gradual pace of inclusivity in capacity building engagement by Data Protection Authorities (DPAs) beyond the EU and North America through intelligence sharing, bilateral and multilateral initiatives. Whilst the latter are commendable, interoperability governance between DPAs, AI, competition, cybersecurity regulators, governmental agencies and other sector-specific regulators is still work in progress.
Interoperability governance embraces cross-collaboration as the mechanism to share information seamlessly and efficiently. An example of interoperability is how DPAs support each other regarding enforcement, adequacy assessment and determination, consultation, investigation, audit and training. In our previous blog, regional DPAs in Africa continue cooperating within the local cultural nuance. Similarly, DPAs in Asia Pacific have been sharing best practices, trends, regulatory experiences, enforcement challenges, developments and insights relating to emerging technologies.
AI: “everything, everywhere, all at once”
The Symposium delved into AI evolution and the potential impact of the EU AI Act on the rest of the world, in addition to other jurisdictions’ risk-based, self-regulatory advisory guidelines, prescriptive and baseline frameworks and its complex interplay with data privacy, cybersecurity, intellectual property and other legislative, policy and regulatory frameworks. There is cautious, strategic, and tactical optimism in understanding fundamental AI taxonomy and its differences and commonalities with data privacy.
A few weeks after the Symposium, OECD published AI, Data Governance and Privacy, synergies and areas of international co-operation, as part of OECD AI papers. The key theme focuses on collaboration on AI and data privacy triggered by generative AI’s progress. It emphasises the importance of understanding commonalities and divergences in AI and data privacy principles, including guidance by DPAs and governmental agencies responsible for AI policy, consultation and governance.
Legislative, policy and framework continuity
2024 is an election year for 60+ countries, and as I write, some elections are underway and have taken place. Such outcome shall reshape and reframe government stakeholders’ national, regional and global priorities. Thought leaders and government stakeholders who shared their points of view in the Symposium collectively affirmed the significance of continuity. There was an emergence of aligned digital governance (data privacy, cybersecurity and AI) in governments and data-driven sectors, smart and sustainable datafication, and bridging the knowledge, skills and gap between the global north and the global south. These themes require policy and advocacy ‘refresh and sustainable engagement’ with government stakeholders and the mobile ecosystem, mirroring GSMA’s mission at heart.
I welcome thoughts to engage and disseminate in the future or in forthcoming conferences I will be attending and speaking: 46th Global Privacy Assembly, Jersey, Channel Islands and IAPP Europe Data Protection Congress 2024, Brussels.