AI is transforming and disrupting the world around us. It impacts how companies operate; how governments make choices and deliver efficient and meaningful public services; how research organizations create new scientific breakthroughs; how data can be used for public good and public benefit; and how people around the world live, work, and connect. However, the benefits of transformative AI technologies also come with new and existing risks for individuals and society.
Organizations developing and deploying these technologies must do so in a trustworthy and accountable way that mitigates and manages risk while preserving key benefits.
Through our Artificial Intelligence Project, CIPL has cemented itself as an early thought leader in AI governance, addressing the most challenging questions at the heart of AI regulation, mapping emerging best practices for an accountable approach to the development and deployment of AI, and engaging regionally on AI policy and regulation.
For over 20 years CIPL has been a leading advocate for organizational accountability in data protection and broader digital and data policy. Since 2018 we have applied our thought leadership to the field of AI.
2018
Our Artificial Intelligence and Data Protection in Tension report explored the challenges and tensions between AI and existing data protection laws and principles and addressed the urgent need for a nuanced and detailed understanding of AI’s opportunities and issues
2020
Our Hard Issues and Practical Solutions report provided insights into emerging solutions for delivering trusted and responsible AI. It explored key AI-related challenges in the context of data protection; concrete approaches to mitigating them; and some key examples of creative approaches and tools that can be deployed to foster a better future in which human-centric AI, privacy, and the protection and productive use of personal data can prosper.
2020
Our How the GDPR Regulates AI report examined how the GDPR regulates AI systems and highlighted provisions of particular relevance in the context of AI, and how they govern and limit its use.
2021
Our Risk-Based Approach to Regulating AI in the EU report recommended a risk-based approach to regulating AI. We demonstrated the need to adapt a regulatory framework focussing on “high risk” AI applications, and a risk-based organizational accountability framework to working alongside it.
2023
Our Ten Recommendations for Global AI Regulation drew on our extensive engagement with private sector leaders developing and deploying AI technologies, policymakers, and regulators. The recommendations encapsulate CIPL’s view on a layered approach to AI regulation based on principle- and outcome-based rules; demonstrable organizational accountability; and robust and smart regulatory oversight.
2024
Our Building Accountable AI Programs: Mapping Emerging Best Practices to the CIPL Accountability Framework report captured findings from a rigorous benchmarking study to demonstrate that organizational accountability is fundamental to the responsible development and deployment of AI.
2024
Our paper Applying Data Protection Principles to Generative AI: Practical Approaches for Organizations and Regulators CIPL considers the following key privacy and data protection concepts and explores how they can be effectively applied to the development and deployment of genAI models and systems: Fairness; Collection limitation; Purpose specification; Use limitation; Individual rights; Transparency; Organizational accountability; and Cross-border data transfers.
2025
In 2025, CIPL continues to drive the Artificial Intelligence project forward with a focus on bridging policy and innovative practice. Highlights include our expert webinar, Applying Data Protection Principles to Generative AI: Practical Approaches for Organizations and Regulators, which explored actionable strategies for aligning generative AI development with core privacy principles.
We are also advancing our EU AI Act Implementation Project, supporting organizations and regulators in navigating new compliance obligations. We continue to convene key global stakeholders—from industry, government, academia, and civil society—to shape responsible, accountable, and innovation-friendly AI governance frameworks.
Our AI Project is built upon 3 core workstreams, each of which offers unique insights and value to CIPL members and project participants:
The Effective Regulation and Governance of AI
- Creating a forum for stakeholder dialogue on AI legislation around the world.
- Ensuring consistency between the AI Act, GDPR, and sector-specific laws in Europe, and working towards globally coherent AI frameworks globally.
- Developing forward-thinking ideas for emerging global AI regulations.
AI Public Policy
- Informing global AI policy in the US, EU, UK, Brazil, Australia, and Asia through engagement with regulators via public consultations, events, and delegation visits.
- Shaping market practices and global standards for accountable AI development and deployment.
Best Practices in AI Governance
- Sharing best practices in AI governance from leading global organizations.
- Providing evidence that accountability-based AI frameworks are effective and enforceable.
Applying Data Protection Principles to Generative AI: Practical Approaches for Organizations and Regulators
In this discussion paper, CIPL considers the following key privacy and data protection concepts and explores how they can be effectively applied to the development and deployment of genAI models and systems: Fairness; Collection limitation; Purpose specification; Use limitation; Individual rights; Transparency; Organizational accountability; and Cross-border data transfers. The analysis in this paper builds on […]
Building Accountable AI Programs: Mapping Emerging Best Practices to the CIPL Accountability Framework
This report showcases how 20 leading organizations are developing accountable AI programs and best practices on the ground. Our research shows that organizational accountability is fundamental to the responsible development and deployment of AI. Organizations recognize the need to demonstrate AI accountability as a business imperative, especially as the expectations of consumers, business partners, shareholders, […]
Ten Recommendations for Global AI Regulation
Drawing on CIPL’s years of experience as a thought leader and our extensive engagement with private sector leaders developing and deploying AI technologies, policymakers, and regulators, CIPL offers in this paper ten recommendations to guide AI policymaking and regulation to enable accountable, responsible, and trustworthy AI. These ten recommendations encapsulate CIPL’s view on a layered […]
