The future of regulation

The context

In the coming decades, countries and regions around the world will be confronted with a question to which there is not yet a clear answer: how should data and AI be regulated for the benefit of people and society? 

With the outsized power and dominance of big tech companies, emerging AI capabilities that defy existing regulatory categorisation, and growing unease about an extractive and exploitative data economy, governments are being asked to consider whether existing regulatory regimes are sufficient to ensure the benefits of the rapid changes in technology are equally distributed, and the harms minimised and accounted for. 

The debate about the right way to manage and regulate data and digital systems is not new, and remains unresolved.  In the European Union, the General Data Protection Regulation (GDPR) sets the global standard for data protection regulation but in the absence of well-resourced enforcement bodies, its full potential is yet to be determined. Following the UK’s exit from the European Union, the UK Government launched a consultation to explore changes to the UK’s data regime. The USA has yet to adopt a federal privacy law, although California’s Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) signals an appetite for greater data regulation. Meanwhile, antitrust authorities in all three jurisdictions are exploring novel approaches at the intersection of competition, consumer protection and data–protection law to curtail the power of large tech companies. 

Data and AI are the focus of digital strategies in various jurisdictions – Europe has published the first comprehensive proposal for the regulation of AI writ large. The UK has published a new AI strategy that signals an intention to explore regulatory frameworks for AI. The Cyberspace Administration of China passed a set of draft regulations for algorithmic systems, and in the USA, government offices are outlining positions and principles for a national framework on AI. Brazil has also adopted its principles and foundations for AI regulation. 

As data and AI are increasingly viewed as opportunities to carve out economic and geopolitical advantage, the Ada Lovelace Institute begins an analysis of the regulatory landscape by asking what regulatory approaches can support achieving a vision fit for the middle of the century which facilitates the responsible use of data and purpose–driven innovation, tackles data injustice and asymmetries of power and strengthens data rights and regulation.  

Ada’s approach

The Future of regulation programme explores how regulation can be used to rebalance power over data and AI to the benefit of people of society. We will undertake responsive work to bring evidence to bear on new strategic and regulatory opportunities and debates, and consider emerging and potentially transformative approaches to the regulation of data and AI.  

This programme focuses on the following interrelated areas: 

• The future of data regulation

In January 2020 we launched the Rethinking data programme by setting up a working group to explore changes in the digital ecosystem that can enable countervailing visions for the use and governance of data. The final report was published in 2022. We are also engaging in a live policy debate in the UK on potential post-Brexit reforms to the data regulation framework.  

• The future of AI regulation

With the publication of the EU’s draft AI regulation (the EU AI Act), and the forthcoming UK white paper on AI regulation, the question of whether, and how, AI should be regulated will be a live and contested one over the coming years. Analysing the European approach as it evolves, we seek to ensure the EU AI Act results in AI regulation that works for people and society. We will also translate developments in AI regulation at the European level for British and international audiences.

The impact we seek

The future of regulation programme enables us to achieve our strategic goals in the following ways: 

• We are anticipating transformative innovations in the field of governance and regulation, equipping policymakers and practitioners with up-to-date analysis of the context, impact, scope and implications of proposed regulations. 
• We are rebalancing power over data and AI by supporting the development of regulatory mechanisms for accountability and transparency through interpretation, scrutiny, expert evidence and convenings. 
• We are promoting meaningful data stewardship by exploring transformative mechanisms for supporting responsible and trustworthy data governance. 

• We are creating space for diverse scholarship through convening interdisciplinary conversations and equipping lawmakers and policymakers with access to expertise from across the sciences and humanities.