CPDP – regulatory sandboxes for trustworthy artificial intelligence – global and Latin American experiences

This paper explores how regulatory sandboxes can be used to promote the development of trustworthy artificial intelligence (AI) systems. The analysis focus on the experiences of Data Protection Authorities (DPAs) who have been experimenting with sandboxes to foster the implementation of privacy by design principles in AI systems. Throughout bibliographic research, this study (i) highlights privacy-related elements on international AI regulatory frameworks; (ii) explores the concept of privacy by design (PbD) and some of its strategies, patterns and techniques, such as Privacy Enhancing Technologies (PETs); (iii) reflects upon the impact of regulatory sandboxes; and (iv) analyses how regulatory sandboxes are being discussed in the context of AI regulatory frameworks. While this study brings global perspective on regulatory sandboxes, it also does relevant analysis in the Latin American context by presenting different stages of development of initiatives in the region. One of the main findings of this paper is that literature currently lacks an analysis of how privacy by design could be used in the context of AI systems design and governance. It also suggests that regulatory sandboxes may be able to integrate PbD principles to foster the development of trustworthy AI, although further research would be needed on that matter.