We received the good news that the Government has awarded the Norwegian Data Protection Authority additional funds to start work on creating a regulatory sandbox. We are therefore now embarking on our great efforts to contribute to the development of good solutions for artificial intelligence.
“Privacy is very important when we develop good solutions for artificial intelligence. Successful development and implementation of artificial intelligence depends on the population having confidence that the systems are safe and fair, and that personal data is handled responsibly,” says Director Bjørn Erik Thon.
The reason for the initiative is the government’s proposal in its artificial intelligence strategy to establish a regulatory sandbox for artificial intelligence in the Norwegian Data Protection Authority. For the Norwegian Data Protection Authority, the sandbox will help to increase knowledge of and provide insight into new innovative solutions, as well as make it easier to identify potential risks at an early stage.
What is a regulatory sandbox?
A regulatory sandbox is a secure testing environment for businesses that will experiment with new products, technologies and services under the supervision of the authorities. In this way, businesses will gain an increased understanding of the regulatory requirements set, and the authorities will be able to gain an increased understanding of new technological solutions so that risks and issues can be more easily identified.
“Developing artificial intelligence in accordance with the privacy regulations will help to achieve the trust required for the technology to reach its potential,” says Catharina Nes, director general and project manager.
What will happen in the sandbox?
In the sandbox, businesses will have the opportunity to develop innovative services within given frameworks and under the guidance of the Norwegian Data Protection Authority. The sandbox shall not grant an exemption from the Personal Data Act, but it shall be able to grant exemption from enforcement measures during the development phase of the project.
The sandbox shall be open to businesses, across different sectors, who use personal data to develop products and services that are innovative and that can demonstrate general benefits.
“Through participation in the sandbox, businesses will gain an increased understanding of the regulatory requirements set in the privacy area, which can help shorten the time from development and testing to the actual rollout of IC solutions in the market,” says Nes
Solutions that are put into operation after being developed in the sandbox should also be able to act as examples of pioneers, and help other companies that want to develop similar solutions.
The individual and society as a whole shall benefit from the development of new and innovative solutions within responsible frameworks.
An experiment
“The regulatory sandbox is an experiment both for us and for the businesses participating. In order for it to be a success, we depend on both us and the participants to be curious about each other and want to learn from each other,” says Catharina Nes.
In the UK, the Data Protection Authority experienced a lot of interest in its sandbox when it was launched this spring. Norway now becomes the second data protection authority in the world to establish such a sandbox.
“We look forward to starting the dialogue with stakeholders out there to hear their needs and how the sandbox should be aligned in order for it to work best,” says Nes.
The Norwegian Data Protection Authority is now in a pre-project phase, but will eventually invite public and private enterprises to report their interest. We’ll be back with more information.
From launch
In other words, the Government allocates NOK 3 million to the Norwegian Data Protection Authority’s commitment to regulatory sandbox.