IGF 2023 WS #426 Can AI and Data Protection Coexist? Solving the AI conundrum


Data Governance & Trust
Data Privacy and Protection

Organizer 1: Nidhi Singh, 🔒
Organizer 2: Srishti Joshi, 🔒
Organizer 3: Aishwarya Giridhar, 🔒Centre for Communication Governance
Organizer 4: Jhalak Mrignayani Kakkar, 🔒

Speaker 1: Jhalak Mrignayani Kakkar, Civil Society, Asia-Pacific Group
Speaker 2: Chinmayi Arun, Civil Society, Western European and Others Group (WEOG)
Speaker 3: Yong Lim, Civil Society, Asia-Pacific Group
Speaker 4: Prateek Sibal, Intergovernmental Organization, Intergovernmental Organization


Nidhi Singh, Civil Society, Asia-Pacific Group

Online Moderator

Aishwarya Giridhar, Civil Society, Asia-Pacific Group


Srishti Joshi, Technical Community, Asia-Pacific Group


Round Table - 60 Min

Policy Question(s)

A. How do current data protection frameworks intersect with the governance of AI systems?
B. What are the considerations involved in designing AI systems in consonance with data protection principles?
C. How can states which are currently in the process of framing their AI and data protection laws ensure that these laws are in consonance with each other?

What will participants gain from attending this session? This session will allow participants to engage with the interaction between data protection laws and AI and learn about existing approaches to resolve tensions between the two. This is especially important in the current age, where technologists and civil societies have called for moratoriums and bans on the use of certain types of AI, given its potential impact on human rights.

We hope this session will feed into the development of a community of researchers and other stakeholders working on data protection and AI to engage with each other and share expertise and perspectives. More specifically, participants can contribute to a global charter containing approaches to update data protection principles and design AI policies in a rights respecting manner which is consistent with data protection principles.


While the rapid advancement of AI technologies has the potential to revolutionise many aspects of our lives, it can also pose significant harm to users’ privacy as they are dependent on large amounts of data. This is further exacerbated by developing technologies which make it easier to re-identify individuals from anonymised datasets, blurring the line between personal and non-personal data.

Traditional data protection principles are based on the idea that individuals must be able to control how information about them is used, and pre-dates the use of Big Data. However, experts argue that for Big Data to reach its full potential, both personal and anonymised data must be gathered at an unprecedented scale, and reused for different purposes that cannot be predicted at the time of collection. This directly contradicts existing data protection principles.

The session will explore whether tensions between AI and data protection requirements are as intractable as they seem, and identify ways in which any conflicts can be resolved. In our discussions, we will draw on global conversations around legal, technical, and regulatory approaches to balance AI and data protection. We will explore the role of data protection and AI legislation in this context, and identify core areas that regulators must focus on to balance the benefits of AI with the challenges to data protection laws: for instance, the role and standards around anonymisation and transparency, and emerging techniques allowing the creation of artificial datasets for AI systems to use instead of relying on personal data.

Moreover, research suggests that issues arising from AI systems, such as bias and discrimination, typically affect Global Majority countries more severely. In the session, we will also work to identify ways for data protection and AI regulations to address these harms in the Global Majority.

Expected Outcomes

CCG is working with external experts on a report that explores tensions between AI and data protection. We will use insights from this session to inform the report, which can be used by other countries, particularly in the Global Majority to design their own data protection and AI governance structures. Specifically, this can assist policymakers to formulate more rights-protecting AI regulations.

Moreover, as India seeks to finalise its data protection legislation and contemplates AI regulation, CCG’s work will inform policymakers as they work on the development of relevant legislations and policy. Our work will also inform our submissions to the data governance working group at the global partnership on AI, of which CCG is an expert member. We will use learnings from this session to build towards a global charter which can be used by participants, states and civil societies to update existing data protection principles and design AI policies.

Hybrid Format: Our session plan is designed to allow for robust engagement and participation, online and offline. To encourage interaction, we will begin with an overview of the tensions between data protection and AI. Once invited experts have made initial points, we will explore specific areas that participants indicate an interest in.

We will provide a variety of ways in which participants can engage - speaking online/ in person, typing questions or comments on the live chat of the Official Online Participation Platform, a public Google document, and a Miro Board. We will encourage in-person participants to also use these tools so that they are able to engage with those joining online.

Our on-site and online moderators will work to keep track of questions and comments and highlight emerging themes. In addition to active and engaged moderators, we plan to use polls as a tool to encourage participation and information sharing.