This paper examines sandbox initiatives across multiple jurisdictions, including in AI, data protection and financial services, to identify the core success factors that make these models effective. It distils these insights into practical recommendations for regulators designing and operating sandboxes and for participating organisations.
Building on this analysis, the paper considers the specific context of the EU AI Act, which mandates that each Member State establish an AI sandbox by August 2026, and offers targeted recommendations to support their effective implementation.
More broadly, the paper argues that the sandbox model has the potential to advance responsible innovation across the wider digital ecosystem, and recommends its adoption in areas such as online safety, cybersecurity, and data interoperability.
Learning from Practice: Designing Effective Regulatory Sandboxes
Download NowMore like this
CIPL Response to the European Commission and the European Data Protection Board Public Consultation on the Draft Joint Guidelines on the Interplay between the GDPR and the DMA
Find out more
CIPL Response to the Notice of Proposed Rulemaking from New York’s Office of the Attorney General Regarding the Stop Addictive Feeds for Kids Act
Find out more
CIPL Response to the EDPB Draft Guidelines on the Interplay Between the Digital Services Act (DSA) and the General Data Protection Regulation (GDPR)
Find out more
CIPL Submission on the European Commission’s Call for Evidence on the Digital Fairness Act
Find out more
CIPL Response to the Proposed Rules for the New Jersey Data Privacy Act
Find out more
CIPL Response to the US House Financial Services Committee on Current Federal Consumer Financial Data Privacy Law and Potential Legislative Proposals
Find out more
CIPL Response to Canada OPC Exploratory Consultation on the Children’s Privacy Code
Find out more
