The Current State of Global Data Governance

Data Governance Is Not Ready for AI

Susan Ariel Aaronson

November 12, 2024

This essay is part of The Role of Governance in Unleashing the Value of Data, an essay series that considers aspects of data governance and the value of data.

There is no artificial intelligence (AI) without data. Yet policy makers around the world struggle to govern the data that underpins various types of AI (Office of the Privacy Commissioner of Canada 2023). At the national level, government officials in many countries have not yet figured out how to ensure that the large and often global data sets that underpin various types of AI are governed in an effective, interoperable, internationally accepted and accountable manner. At the international level, policy makers have engaged in negotiations but have made little progress. As a result, despite the centrality of data to AI, data governance and AI governance are disconnected.

This essay¹ examines the implications of this incoherence. Starting with an overview, the author then focuses on why data for AI is so difficult to govern. Next, the author examines the data governance challenges presented by AI and discusses why international data governance is a work in progress.

Most of the efforts to govern AI say relatively little about data, including the EU AI Act (Hunton Andrews Kurth 2024) and US President Joe Biden’s executive order on AI (The White House 2023a). Given the importance of data to economic growth, data governance is a key component of twentieth-century governance. Moreover, how nations govern data has implications for the achievement of other important policy objectives, from protecting national security to advancing human rights (Jakubowska and Chander 2024; Aaronson 2018, 2022).

Most nations protect specific types of data, such as intellectual property or personal data, but are in the early stages of creating institutions and enforcement mechanisms to ensure that governance of data is accountable, democratically determined and effective.

There is no internationally accepted definition of data governance. The United Nations defines data governance as “a systemic and multi-dimensional approach to setting policies and regulations, establishing leadership for institutional coordination and national strategy, nurturing an enabling data ecosystem, and streamlining data management” (Yao and Park 2020). The World Bank (2021) notes that data governance consists of four main tasks: strategic planning; developing rules and standards; creating mechanisms of compliance and enforcement; and generating the learning and evidence needed to gain insights and address emerging challenges.

Policy makers have been governing various types of data for centuries. Recent research by the Digital Trade and Data Governance Hub examined 68 countries and the European Union from 2019 to 2022. The authors found that data governance is a work in progress. Most nations protect specific types of data, such as intellectual property (IP) or personal data, but are in the early stages of creating institutions and enforcement mechanisms to ensure that governance of data is accountable, democratically determined and effective. Additionally, many developing countries struggle to implement existing data laws and regulations (LaCasse 2024). Finally, countries have few binding data governance mechanisms at the international level (Struett, Aaronson and Zable 2023). These enforcement problems and governance gaps have become more visible since the popularization of generative AI, which is built on data scraped from around the Web (global data sets). Policy makers have struggled to protect personal and proprietary data taken from Web scraping, yet they have no means of ensuring that the globally scraped data is as accurate, complete and representative as possible (Aaronson 2024a).

Why Is Data Used in AI So Difficult to Govern?

Data Is Multidimensional

Data can simultaneously be a good and a service, an import and an export, a commercial asset and a public good. There are many different types of data, and policy makers must figure out how to protect certain types of data (such as personal or proprietary data) from misuse or oversharing while simultaneously encouraging such sharing in the interests of mitigating “wicked problems” — problems that are difficult for one nation alone to address because they transcend borders and generations (Aaronson 2022). When raw data is organized, it becomes information — information that society uses to grow economies, hold governments to account and solve wicked problems. Researchers see tremendous potential in the use of AI built on data to address such problems, but only if data is shared across borders.

Data for AI Is Multinational

Large language model (LLM) applications such as the chatbot ChatGPT are built on different sources of data. Moreover, data and algorithm production, deployment and use are distributed among a wide range of actors from many different countries and sectors of society who together produce the system’s outcomes and functionality. These LLMs are at the bottom of a global product built on a global supply chain with numerous interdependencies among those who supply data, those who control data, and those who are data subjects or content creators (Cobbe, Veale and Singh 2023).

Data Markets Are Opaque

Researchers and policy makers have little information about the demand, supply or value of much of the data that underpins the data-driven economy. In addition, most entities collect personal and non-personal data yet reveal very little about the data they collect. Here, again, generative AI provides a good example. LLMs are generally constructed from two main pools of data (pre-filtered data sets). The first pool is comprised of data sets created, collected or acquired by the model developers. This pool of data can be considered proprietary because it is owned and controlled by the LLM developer. It may include many different types of data from many different sources, as well as computer-generated (synthetic) data created to augment or replace real data to improve AI models, protect sensitive data and mitigate bias (Martineau and Feris 2023). The second pool is made up of Web-scraped data, which is essentially a snapshot of a sample of the Web at a given moment in time. Although these scrapes provide a broad data sample, it is hard to determine if the sample is accurate, complete and representative of the world’s data, a particular problem for generative AI.

Data Is Both Plentiful and Precious

On one hand, data is plentiful because almost every entity today — whether a government, a non-governmental organization such as Save the Children or a business such as Spotify — collects data about its stakeholders.² These same entities often use AI to analyze the data they have collected. On the other hand, governments and firms are taking steps to make data less plentiful. For example, policy makers increasingly recognize that large pools of data can be used to make predictions about country behaviour or to manipulate their citizens. As a result, countries such as Australia (Hammond-Errey 2022), Canada,³ China (Cai 2021), the United Kingdom (Geropoulos 2023) and the United States (Busch 2023) now see such pools of data as a security risk as well as a privacy risk.

Data-Driven Sectors Are Built on Information Asymmetries

Firms with more computing power are better positioned to extract and use data. They have the expertise, the finances and generally the data to utilize AI. Moreover, firms with more data are more likely to create new data-driven goods and services, which, in turn, generate more data and more market power. This phenomenon also applies across countries. Only some 20 firms possess cloud infrastructure, computing power, access to capital and vast troves of data to develop and deploy tools to create LLMs (Staff in the Bureau of Competition & Office of Technology 2023). These firms are also concentrated in a few advanced developed countries — in Asia, Europe and North America. As a result, a few companies with expertise in generative AI could hold outsized influence over a significant swath of economic activity (Staff in the Bureau of Competition & Office of Technology 2023; Hacker, Engel and Mauer 2023; Khan and Hanna 2023). Without incentives, these companies may not be motivated to ensure that their data sets are broadly representative of the people and data of the world.

How Is AI Altering Data Governance?

AI is constantly evolving and has become a key element of many goods and services (Wharton Online 2022; McKinsey & Company 2023). Many analysts now view some variants of AI as a general-purpose technology — a technology that can affect not just specific sectors, but also the economy as a whole (Crafts 2021; Hötte et al. 2023). Because of the growing importance of AI to economic growth, government officials in many countries are determined to develop policies that advantage their AI firms over those of other countries. This phenomenon, called “AI nationalism,” appears to be leading several countries to alter their data policies (Aaronson 2024b; The Economist 2024; Hogarth 2018; Spence 2019).

Only two governments, China (Gamvros, Yau and Chong 2023) and the European Union,⁴ have approved comprehensive AI regulation. Brazil, Canada and the United States, among others, are considering such regulation. But many of these efforts say very little about data. Some governments, such as Japan⁵ and Singapore (Norton Rose Fulbright 2021), are so determined to encourage AI that they have declared that copyrighted articles could be scraped for generative AI.

Generative AI is created from two types of data: proprietary data that may include personal and copyrighted information from sources collected and controlled by the AI developer; and Web-scraped data. Developers do not have direct consent to utilize some of the Web-scraped personal and proprietary data (Argento 2023). Meanwhile, governments in countries such as Canada, the United Kingdom and the United States are investigating the collection of such data for generative AI (Aaronson 2024a).

Policy makers have not yet figured out whether to encourage open-source versus closed or proprietary AI models. To be considered scientifically rigorous, all model developers provide some information about their models, but open-source models provide greater detail about how they trained and filtered data and then developed their LLMs. Policy makers recognize that there are benefits and costs to open- versus closed-source models. Open-source models make it easier for outside researchers to utilize and improve a particular model and, consequently, may facilitate further research, while closed-source models are generally considered to be more reliable and stable (Davis 2023).⁶ Some governments, including France (Robertson 2023) and the United Arab Emirates (Barrington 2023; The National News 2023), tout their support of an open-source approach to AI. The US government sought public comment and suggested that open-source models generally pose marginal risks; however, it should actively monitor any risks that could arise (National Telecommunications and Information Administration 2024, 2–3). China has done more than any other country to link data governance to its governance of generative AI (O’Shaughnessy and Sheehan 2023). The country requires AI service providers to:

use data and foundation models from lawful (legitimate) sources;
not infringe others’ legally owned IP;
obtain personal data with consent or under situations prescribed by the law or administrative measures;
take effective steps to increase the quality of training data, its truthfulness, accuracy, objectivity and diversity; and
obtain consent from individuals whose personal information was processed.⁷

The European Union will soon finalize AI regulations that will require high-risk systems to provide more information about data provenance. In October 2023, the Biden administration issued an executive order on AI (The White House 2023b). Although the executive order mentioned data 76 times, it said very little about how data should be governed, except to say that personal data and IP should be protected.

In the name of national security, governments of countries such as China, the United Kingdom and the United States are making it harder to access large pools of personal or proprietary data (Sherman et al. 2023). In Biden’s executive order, the administration promised to consider the national security implications of the use of data and data sets on the training of generative AI models and makes recommendations on how to mitigate the risks related to the use of the data and data sets (The White House 2023b, section 4.4 B). If this proposal continues, AI developers will be less able to create accurate, complete and representative data sets (Aaronson 2024a).

The State of Global Data Governance and AI

The platform on which data services flow is a “commons,” but policy makers in most nations have not focused on creating shared rules. Data generally flows freely among nations, but policy makers in a growing number of countries are erecting barriers to these flows. Internationally accepted rules would provide AI developers with certainty.

US policy makers first pushed for shared rules on cross-border data flows in 1997 with the Framework for Global Electronic Commerce.⁸ Policy makers from the Organisation for Economic Co-operation and Development then established global principles (Thompson 2000; Organisation for Economic Co-operation and Development and the Inter-American Development Bank, chapter 13),⁹ which were incorporated in various bilateral and regional trade agreements, such as the Digital Economy Partnership Agreement among Chile, New Zealand and Singapore,¹⁰ and the Comprehensive and Progressive Agreement for Trans-Pacific Partnership¹¹ among 11 Pacific-facing nations. These agreements delineated that nations should allow the free flow of data among signatories with long-standing exceptions to protect privacy, national security, public morals and other essential domestic policy goals.

In 2017, 71 nations began participating in the Joint Statement Initiative on e-commerce at the World Trade Organization (WTO). Today, some 90 members of the WTO are negotiating shared international provisions regarding cross-border data flows. These negotiations are being led by small open economies such as Australia and Singapore. Although the world’s two largest economies and leading AI nations are participating, the United States and China are not key demandeurs of an agreement. The parties have made progress. In July 2024, participants agreed to what they called a “stabilized text.” It includes language on personal data but no binding language regarding the free flow of data. The text says nothing about AI.¹²

Under international trade rules, a country cannot ban a product or service unless it can argue that such bans were necessary to protect public health, public morals, national security or other domestic policy objectives.

As noted above, the United States led global efforts to encourage rules governing the free flow of data and exceptions to those rules since 1997. US policy makers argued that such rules would advance human rights, stimulate economic growth and clarify when nations could block such flows.¹³ However, in November 2023, the United States announced that it would continue to negotiate such rules, but was seeking clarity and policy space to regulate the business practices of its data giants. Hence, the country could no longer support certain provisions on data flows, encryption and source code. With this new position, the United States seemed to be saying that the exceptions did not give it (and other nations) sufficient policy space for domestic regulation of data-driven technologies and business practices (Lawder 2023). Some argued that the United States was becoming more like China and India — nations that have long pushed for data sovereignty (Chander and Sun 2023; Mishra 2023). However, the Biden administration’s first executive order did direct the US government to work internationally to set standards for the data underpinning AI (The White House 2023b, section 11).

Under international trade rules, a country cannot ban a product or service unless it can argue that such bans were necessary to protect public health, public morals, national security or other domestic policy objectives. In a rare move, Italy banned ChatGPT in 2023 for some three months, arguing that the AI application violated EU data protection laws. But in January 2024, the Italian data protection body, the Garante, announced it had finished its investigation and stated that OpenAI, the chatbot’s parent company, had 30 days to defend its actions (Reuters 2024).

Meanwhile, policy makers are negotiating other agreements on AI, but these agreements are not focused on data. For example, in November 2023, some 18 countries, as well as the major AI firms, reached consensus on a non-binding plan for safety testing of frontier AI models (Satter and Bartz 2023). In November 2021, members of the United Nations Educational, Scientific and Cultural Organization (2021) agreed to a non-binding agreement on AI ethics.

Conclusion

Many of the world’s people are simultaneously excited and scared by AI. They recognize that the technology could improve their quality and standard of living, but they also fear it could be misused (Kennedy 2023). Policy makers in many countries are responding to that ambivalence with policies to reduce risk, make AI safer, and ensure that AI is developed and deployed in an accountable, democratic and ethical manner. Yet policy makers do not seem to focus on data governance as a tool to accomplish these goals.

Why is data governance so disconnected from AI? This essay began by asserting several reasons: data is difficult to govern because it is multidimensional; data markets are opaque; and data is simultaneously plentiful and scarce. The author noted that countries have different expertise and will to govern data, yet because data sets are global, policy makers must find common ground on rules. This sounds great on paper — but in the real world, the most influential AI powers are not leading efforts to govern data across borders. For example, China, India and the United States want policy space to govern data, data-driven technologies and data flows. In addition, many officials appear more concerned about their competitiveness in AI than about ensuring that the tedious process of negotiating internationally accepted rules on data is successful.

Hence, the author concludes this essay with a warning. Without such rules, it will be harder for AI developers to create accurate, complete and representative data sets. In turn, without accurate, complete and representative data sets, AI applications may continue to have significant flaws and inaccuracies. Users and policy makers may, over time, lose trust in the technology. And without trust, users and investors may turn to other methods for analyzing the world’s data. If that were to happen, the world’s people could fail to realize the full value of data.

1 This material is based on work supported, in part, by the NIST-NSF Institute for Trustworthy AI in Law and Society (TRAILS), which is supported by the National Science Foundation (NSF) under award no. 2229885. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author and do not necessarily reflect the views of the NSF, CIGI or the George Washington University.

2 Datafication refers to the transformation of subjects, objects and practices into digital data. Entities use this data to track individuals and make predictions about their behaviour. See Southerton (2020) and Shilova (2018); regarding the Spotify playlist, see Rojas (2024).

3 See www.canada.ca/en/security-intelligence-service/corporate/publications/csis-2021-public-report/national-security-threats.html.

4 The EU Parliament approved the AI Act in April 2024 (see Bracy and Andrews 2024) and the bill as of February 2, 2024 (see Council of the European Union, Proposal for a Regulation of the European Parliament and of the Council laying down harmonised rules on artificial intelligence (Artificial Intelligence Act) and amending certain Union legislative acts, 2021/0106(COD), online: <https://data.consilium.europa.eu/doc/document/ST-5662-2024-INIT/en/pdf>.

5 In Japan, copyrights are automatically generated when content is created, so not enforcing copyright made it easier to use older content (Nishino 2022; Wan 2023; Technomancers.ai 2023).

6 See https://allenai.org/olmo?utm_source=newsletter&utm_medium=email.

7 This regulation is the latest addition to AI regulations in China after the algorithm provisions in 2021 and the deep synthesis provisions in 2022. See Gamvros, Yau and Chong (2023); Cooley LLP (2023); Arcesati and Brussee (2023).

8 See https://clintonwhitehouse4.archives.gov/WH/New/Commerce/.

9 See www.mfat.govt.nz/en/trade/free-trade-agreements/free-trade-agreements-in-force/digital-economy-partnership-agreement-depa/depa-text-and-resources/.

10 See www.mfat.govt.nz/en/trade/free-trade-agreements/free-trade-agreements-in-force/digital-economy-partnership-agreement-depa/depa-text-and-resources/.

11 See www.mfat.govt.nz/en/trade/free-trade-agreements/free-trade-agreements-in-force/cptpp/.

12 See www.wto.org/english/tratop_e/ecom_e/joint_statement_e.htm, which links to the stabilized text.

13 WTO, Work Programme on Electronic Commerce, The Economic Benefits of Cross-Border Data Flows: Communication from the United States (dated 14 June 2019), WTO Doc S/C/W/382.

Works Cited

Aaronson, Susan Ariel. 2018. Data Is Different: Why the World Needs a New Approach to Governing Cross-border Data Flows. CIGI Paper No. 197. Waterloo, ON: CIGI. www.cigionline.org/publications/data-different-why-world-needs-new-approach-governing-cross-border-data-flows/.

———. 2020. Data Is Dangerous: Comparing the Risks That the United States, Canada and Germany See in Data Troves. CIGI Paper No. 241. Waterloo, ON: CIGI. www.cigionline.org/publications/data-dangerous-comparing-risks-united-states-canada-and-germany-see-data-troves/.

———. 2022. A Future Built on Data: Data Strategies, Competitive Advantage and Trust. CIGI Paper No. 266. Waterloo, ON: CIGI. www.cigionline.org/publications/a-future-built-on-data-data-strategies-competitive-advantage-and-trust/.

———. 2024a. Data Disquiet: Concerns about the Governance of Data for Generative AI. CIGI Paper No. 290. Waterloo, ON: CIGI. www.cigionline.org/publications/data-disquiet-concerns-about-the-governance-of-data-for-generative-ai/.

———. 2024b. The Age of AI Nationalism and Its Effects. CIGI Paper No. 306. Waterloo, ON: CIGI. www.cigionline.org/publications/the-age-of-ai-nationalism-and-its-effects/.

Arcesati, Rebecca and Vincent Brussee. 2023. “China’s Censors Back Down on Generative AI.” The Diplomat,
August 7. https://thediplomat.com/2023/08/chinas-censors-back-down-on-generative-ai/.

Argento, Zoe. 2023. “Data protection issues for employers to consider when using generative AI.” IAPP, August 9. https://iapp.org/news/a/data-protection-issues-for-employers-to-consider-when-using-generative-ai.

Barrington, Lisa. 2023. “Abu Dhabi Makes Its Falcon 40B AI Model Open Source.” U.S. News & World Report, May 25. www.usnews.com/news/technology/articles/2023-05-25/abu-dhabi-makes-its-falcon-40b-ai-model-open-source.

Bracy, Jedidiah and Caitlin Andrews. 2024. “EU countries vote unanimously to approve AI Act.” IAPP, February 2. https://iapp.org/news/a/eu-countries-vote-unanimously-to-approve-ai-act.

Busch, Kristen E. 2023. “TikTok: Recent Data Privacy and National Security Concerns.” Congressional Research Service Insight, March 29.

Cai, Vanessa. 2023. “China cracks down on theft of geographic data, warning of national security threat.” South China Morning Post, December 11. www.scmp.com/news/china/politics/article/3244672/china-cracks-down-theft-geographic-data-warning-national-security-threat.

Chander, Anupam and Haochen Sun, eds. 2023. Data Sovereignty: From the Digital Silk Road to the Return of the State. New York, NY: Oxford University Press.

Cobbe, Jennifer, Michael Veale and Jatinder Singh. 2023. “Understanding accountability in algorithmic supply chains.” In Proceedings of the 2023 ACM Conference on Fairness, Accountability, and Transparency, 1186–97. https://doi.org/10.1145/3593013.3594073.

Cooley LLP. 2023. “China Issues Measures on Generative Artificial Intelligence Services.” Cooley LLP, August 7. www.jdsupra.com/legalnews/china-issues-measures-on-generative-3929442/.

Crafts, Nicholas. 2021. “Artificial intelligence as a general-purpose technology: an historical perspective.” Oxford Review of Economic Policy 37 (3): 521–36. https://doi.org/10.1093/oxrep/grab012.

Davis, Gwen. 2023. “A developer’s guide to open source LLMs and generative AI.” GitHub (blog), October 5. https://github.blog/2023-10-05-a-developers-guide-to-open-source-llms-and-generative-ai/.

Gamvros, Anna, Edward Yau and Steven Chong. 2023. “China finalises its Generative AI Regulation.” Norton Rose Fulbright, July 25. www.dataprotectionreport.com/2023/07/china-finalises-its-generative-ai-regulation/.

Geropoulos, Kostis. 2023. “Former MI5 chief warns of national security threats.” NE Global, May 14. www.neglobal.eu/uk-former-counter-intelligence-chief-warns-of-new-cyber-security-concerns/.

Hacker, Philipp, Andreas Engel and Marco Mauer. 2023. “Regulating ChatGPT and other Large Generative AI Models.” arXiv, May 12. https://arxiv.org/abs/2302.02337.

Hammond-Errey, Miah. 2022. “Big data and national security: A guide for Australian policymakers.” Lowy Institute, February 1. www.lowyinstitute.org/publications/big-data-national-security-guide-australian-policymakers.

Hogarth, Ian. 2018. “AI Nationalism” Ian Hogarth (blog), June 13. www.ianhogarth.com/blog/2018/6/13/ai-nationalism.

Hötte, Kerstin, Taheya Tarannum, Vilhelm Verendel and Lauren Bennett. 2023. “AI Technological Trajectories in Patent Data: General Purpose Technology and Concentration of Actors.” INET Oxford Working Paper No. 2023-09. www.inet.ox.ac.uk/publications/ai-technological-trajectories-in-patent-data/.

Hunton Andrews Kurth. 2024. “Final Draft of EU AI Act Leaked.” Privacy & Information Security Law Blog,
February 1, www.huntonak.com/privacy-and-information-security-law/final-draft-of-eu-ai-act-leaked.

Jakubowska, Ella and Sarah Chander. 2024. “Council to vote on EU AI Act: What’s at stake?” EDRi (blog),
January 31. https://edri.org/our-work/council-to-vote-on-eu-ai-act-whats-at-stake/.

LaCasse, Alex. 2024. “Report examines state of African nations’ data protection laws, implementation efforts.” IAPP, Februrary 1. https://iapp.org/news/a/evaluating-african-nations-comprehensive-privacy-laws-and-their-implementation/.

Lawder, David. 2023. “US drops digital trade demands at WTO to allow room for stronger tech regulation.” Reuters, October 25. www.reuters.com/world/us/us-drops-digital-trade-demands-wto-allow-room-stronger-tech-regulation-2023-10-25/.

Kennedy, Alan. 2023. “World Risk Poll: Mapping Global Sentiment on AI.” Visual Capitalist, July 12. www.visualcapitalist.com/sp/global-ai-opinion.

Khan, Mehtab and Alex Hanna. 2023. “The Subjects and Stages of AI Dataset Development: A Framework for Dataset Accountability.” SSRN. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4217148.

Martineau, Kim and Rogerio Feris. 2023. “What is synthetic data?” IBM (blog), February 8. https://research.ibm.com/blog/what-is-synthetic-data.

McKinsey & Company. 2023. “The state of AI in 2023: Generative AI’s breakout year.” McKinsey & Company,
August 1. www.mckinsey.com/capabilities/quantumblack/our-insights/the-state-of-ai-in-2023-generative-ais-breakout-year.

Mishra, Neha. 2023. “Data Governance and Digital Trade in India: Losing Sight of the Forest for the Trees?” In Data Sovereignty: From the Digital Silk Road to the Return of the State, edited by Anupam Chander and Haochen Sun, 240–63. New York, NY: Oxford University Press.

National Telecommunications and Information Administration. 2024. Dual-Use Foundation Models with Widely Available Model Weights. NTIA Report. July. Washington, DC: NTIA. www.ntia.gov/issues/artificial-intelligence/open-model-weights-report.

Nishino, Anna. 2022. “Japan to allow freer sharing of content with obscure copyrights.” Nikkei Asia, June 3. https://asia.nikkei.com/Business/Media-Entertainment/Japan-to-allow-freer-sharing-of-content-with-obscure-copyrights.

Norton Rose Fulbright. 2021. “New Singapore Copyright Exception will propel AI revolution.” Inside Tech Law, November 15. www.insidetechlaw.com/blog/2021/11/new-singapore-copyright-exception-will-propel-ai-revolution.

Office of the Privacy Commissioner of Canada. 2023. “Statement on Generative AI: Roundtable of G7 Data Protection and Privacy Authorities.” OPC News, June 21. www.priv.gc.ca/en/opc-news/speeches/2023/s-d_20230621_g7.

Organisation for Economic Co-operation and Development and the Inter-American Development Bank. 2016. Broadband Policies for Latin America and the Caribbean: A Digital Economy Toolkit. Paris, France: OECD. https://doi.org/10.1787/9789264251823-en.

O’Shaughnessy, Matt and Matt Sheehan. 2023. “Lessons From the World’s Two Experiments in AI Governance.” Carnegie Endowment for International Peace, February 14. https://carnegieendowment.org/posts/2023/02/lessons-from-the-worlds-two-experiments-in-ai-governance?lang=en.

Reuters. 2024. “OpenAI’s ChatGPT breaches privacy rules, says Italian watchdog.” Reuters, January 30. www.reuters.com/technology/cybersecurity/italy-regulator-notifies-openai-privacy-breaches-chatgpt-2024-01-29/.

Robertson, Derek. 2023. “France makes a big push on open-source AI.” Politico, August 8. www.politico.com/newsletters/digital-future-daily/2023/08/08/france-makes-a-big-push-on-open-source-ai-00110341.

Rojas, Frank. 2024. “That Spotify Daylist That Really ‘Gets’ You? It Was Written by A.I.” The New York Times,
January 24. www.nytimes.com/2024/01/24/style/ai-spotify-music-playlist-algorithm.html.

Satter, Raphael and Diane Bartz. 2023. “US, Britain, other countries ink agreement to make AI ‘secure by design.’” Reuters, November 27. www.reuters.com/technology/us-britain-other-countries-ink-agreement-make-ai-secure-by-design-2023-11-27/.

Sherman, Justin, Hayley Barton, Aden Klein, Brady Kruse and Anushka Srinivasan. 2023. Data Brokers and the Sale of Data on U.S. Military Personnel: Risks to Privacy, Safety, and National Security. November. https://techpolicy.sanford.duke.edu/data-brokers-and-the-sale-of-data-on-us-military-personnel/.

Shilova, Margarita. 2018. “The Concept of Datafication; Definition & Examples.” Data Science Central, June 2. www.datasciencecentral.com/the-concept-of-datafication-definition-amp-examples/.

Southerton, Clare. 2020. “Datafication.” In Encyclopedia of Big Data, edited by Laurie A. Schintler and Connie L. McNeely, 1–4. Cham, Switzerland: Springer. https://link.springer.com/referenceworkentry/10.1007/978-3-319-32001-4_332-1.

Spence, Sebastian. 2019. “The birth of AI nationalism.” The New Statesman, April 10. www.newstatesman.com/science-tech/2019/04/the-birth-of-ai-nationalism-2.

Staff in the Bureau of Competition & Office of Technology. 2023. “Generative AI Raises Competition Concerns.” Office of Technology Blog, June 29. www.ftc.gov/policy/advocacy-research/tech-at-ftc/2023/06/generative-ai-raises-competition-concerns.

Struett, Thomas, Susan Ariel Aaronson and Adam Zable. 2023. Data Governance Mapping Project Year 4. Global Data Governance Mapping Project. Digital Trade & Data Governance Hub. https://globaldatagovernancemapping.org/.

Technomancers.ai. 2023. “Japan Goes All In: Copyright Doesn’t Apply To AI Training.” ACM News, June 1. https://cacmb4.acm.org/news/273479-japan-goes-all-in-copyright-doesnt-apply-to-ai-training/fulltext/.

The Economist. 2024. “Welcome to the era of AI nationalism.” The Economist, January 1. www.economist.com/business/2024/01/01/welcome-to-the-era-of-ai-nationalism.

The National News. 2023. “The UAE has been quick to adopt AI. Now it must build and export it.” The National News, September 4. www.thenationalnews.com/opinion/comment/2023/09/04/the-uae-has-been-quick-to-adopt-ai-now-it-must-build-and-export-it/.

The White House. 2023a. “Fact Sheet: President Biden Issues Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence.” Statements and releases, October 30. www.whitehouse.gov/briefing-room/statements-releases/2023/10/30/fact-sheet-president-biden-issues-executive-order-on-safe-secure-and-trustworthy-artificial-intelligence/.

———. 2023b. “Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence.” October 30. www.whitehouse.gov/briefing-room/presidential-actions/2023/10/30/executive-order-on-the-safe-secure-and-trustworthy-development-and-use-of-artificial-intelligence/.

Thompson, Mozelle W. 2000. “U.S. Implementation of the OECD E-Commerce Guidelines.” Federal Trade Commission, February 12. www.ftc.gov/news-events/news/speeches/us-implementation-oecd-e-commerce-guidelines.

United Nations Educational, Scientific and Cultural Organization. 2021. “UNESCO member states adopt the first ever global agreement on the Ethics of Artificial Intelligence.” Press release, November 25. www.unesco.org/en/articles/unesco-member-states-adopt-first-ever-global-agreement-ethics-artificial-intelligence.

Wan, Audrey. 2023. “Why Japan is lagging behind in generative A.I. — and how it can create its own large language models.” CNBC, July 6. www.cnbc.com/2023/07/07/why-japan-is-lagging-behind-in-generative-ai-and-creation-of-llms.html.

Wharton Online. 2022. “How Do Businesses Use Artificial Intelligence?” Wharton Online (blog), January 19. https://online.wharton.upenn.edu/blog/how-do-businesses-use-artificial-intelligence/.

World Bank. 2021. World Development Report 2021: Data for Better Lives. Washington, DC: World Bank. www.worldbank.org/en/publication/wdr2021.

WTO. 2023. “E-commerce co-convenors set out roadmap for concluding negotiations in early 2024.”
November 30. www.wto.org/english/news_e/news23_e/jsec_30nov23_e.htm.

Yao, Keping and Mi Kyoung Park. 2020. “Strengthening Data Governance for Effective Use of Open Data and Big Data Analytics for Combating COVID-19.” Policy Brief No. 89. United Nations Department of Economic and Social Affairs. www.un.org/development/desa/dpad/publication/un-desa-policy-brief-89-strengthening-data-governance-for-effective-use-of-open-data-and-big-data-analytics-for-combating.

The opinions expressed in this article/multimedia are those of the author(s) and do not necessarily reflect the views of CIGI or its Board of Directors.