The idea of regulatory sandboxes has gained traction within the knowledge safety group. Because the UK Data Commissioner’s Workplace (the “ICO”) accomplished its pilot program of regulatory sandboxes in September 2020, two European Information Safety Authorities (“DPAs”) have created their very own sandbox initiatives following the ICO’s framework.
The Datatilsynet Sandbox Initiative for Accountable Synthetic Intelligence
The Norwegian DPA (the “Datatilsynet”) launched its sandbox initiative in 2020. The objective of the initiative is to advertise the event of revolutionary AI options which might be moral and accountable. It additionally will assist organizations implement privacy-by-design options and allow compliance with the EU Common Information Safety Regulation (“GDPR”). The Datatilsynet intends to leverage the learnings and insights arising from the sandbox tasks to additional develop its personal competence on this space and to develop tips related to organizations implementing AI.
The Datatilsynet obtained 25 applications from various private and non-private organizations earlier than the January 15, 2021 deadline. The Datatilsynet is now reviewing purposes to pick out 4 tasks (taking into consideration various sorts and sizes, throughout completely different sectors) that can enter the sandbox by mid-March 2021.
The CNIL Sandbox Initiative for Well being Information and Privateness-by-Design
On February 15, 2021, the French DPA (the “CNIL”) launched its personal sandbox initiative (in French) that covers revolutionary tasks within the healthcare sector that make use of private knowledge. The target is to assist organizations implement privacy-by-design from the outset. The call for application (in French) is at present open till April 2, 2021.
Submissions will probably be reviewed by a particular committee composed of CNIL members and exterior stakeholders. Three tasks will probably be chosen based mostly on the next standards: (1) addressing a public well being problem; (2) tackling novel knowledge safety points; and (3) committing sources to implement the CNIL suggestions developed throughout the sandbox. Tasks on telehealth, entry to analysis knowledge, sharing of knowledge between well being professionals or involving AI are significantly welcome.
As soon as the tasks are chosen, the sandbox course of will final till the tip of 2021.
The Centre for Data Coverage Management (“CIPL”) at Hunton Andrews Kurth has revealed in depth work on the ICO’s sandbox pilot venture and expects the idea of regulatory sandboxes to develop for DPAs and organizations alike.
Learn CIPL’s white paper on Regulatory Sandboxes in Data Protection.