The future of AI governance—insights from IAPP's inaugural AI conference

To address the fast-moving landscape of artificial intelligence (AI), the International Association of Privacy Professionals (IAPP) hosted its inaugural AI Governance Conference in Boston this week—bringing together some of the brightest minds in the field to discuss key considerations for AI governance. 

It was a pleasure to speak to the nearly 1,200 attendees about AI governance, innovation, and how enterprises can navigate secure AI deployments. Our conversation was moderated by Jacob Jofe, a Board Observer at Tekion Corp and Venture Capitalist at Index Ventures, and was joined by Navrina Singh, Founder & CEO of Credo AI, and Adam Wenchel, CEO of Arthur. 

Alongside other speakers of the day, including Former New Zealand Prime Minister Jacinda Ardern, our expansive session covered key insights on selecting the right AI governance technology partners, as well as emergent trends that are shaping the future of AI governance.

We kicked off the panel with a fascinating discussion on President Biden’s recent Executive Order (EO) on AI. Navrina Singh played an instrumental role in developing the EO and offered fantastic insights on the importance of the groundbreaking legislation. 

For many enterprise companies and governance professionals, the Executive Order highlights the increasing importance of AI governance, especially in setting new standards for AI safety and security in the United States. 

The order mandates that AI developers share safety test results with the government to ensure these systems are safe, secure, and trustworthy. It also focuses on privacy protection, data privacy legislation, and the development of privacy-preserving techniques, as well as combating discrimination and promoting equity in AI applications. 

The panel explored Transcend’s approach to AI governance. Largely based on Maslow’s "Hierarchy of Needs," our approach emphasizes the importance of a structured framework for governance professionals. 

This hierarchy consists of five key components: Architecture, Auditability, Monitoring and Alerts, Policy Enforcement, and Insights. These elements provide a systematic framework for implementing effective AI governance strategies.

One significant discussion point revolved around how privacy professionals can take lessons from the field of privacy and align them with AI governance. The parallels between the two areas is evident—from working through technical issues, to understanding how data flows in accordance with policy, to establishing frameworks that meet current and future regulatory landscapes. 

The importance of strong technical alignment within enterprise organizations was another key concern for many companies in the room. This alignment between governance, security, and engineering is vital—ensuring that AI systems operate in a secure and compliant manner. It also helps organizations effectively adapt to changing regulatory landscapes by ensuring appropriate guardrails from the start. 

One area we discussed at length was the challenge of truly knowing your company’s data—a common pitfall in AI governance. You cannot govern what you do not understand.

For many companies, relying on static spreadsheets and surveys for data mapping is a reality that’s quickly breaking beneath their feet, as regulation advances and urgency around full data visibility ramps up. 

As it doesn’t provide an accurate understanding of where data resides, especially at the code layer, the survey-based data mapping approach is quickly becoming an outdated artifact. The panel encouraged attendees to immediately pursue a more dynamic and up-to-date approach to data management. 

Overall, IAPP's inaugural AI conference, shed light on the intricacies of AI governance. The conference not only highlighted the immediate challenges and considerations in AI governance, but also emphasized the importance of staying ahead of regulatory changes and technological advancements. 

By adopting a structured approach that includes a well-defined hierarchy of needs, strong technical alignment, and a thorough understanding of data, organizations can gain a competitive edge in the ever-evolving AI landscape. Attendees, including hundreds of governance leaders, were equipped with invaluable insights, tools, and strategies to navigate the complex world of AI governance effectively.

As AI continues to shape our future, the knowledge and insights gained from events like IAPP's AI conference are pivotal in ensuring that AI governance remains robust, adaptable, and effective. 

Privacy professionals and industry leaders alike must take these lessons to heart, ensuring that the ethical and responsible use of AI technology remains at the forefront of their strategies. We look forward to contributing meaningfully to more thought leadership on this topic in the weeks and months ahead. 

Transcend is the governance layer for enterprise data—helping companies automate and future-proof their privacy compliance and implement robust AI governance across an entire tech stack.

Transcend Pathfinder gives your company the technical guardrails to adopt new AI technologies with confidence. While Transcend Data Mapping goes beyond observability to power your privacy program with smart governance suggestions.

Ensure nothing is tracked without user consent using Transcend Consent, automate data subject request workflows with Privacy Requests, and mitigate risk with smarter privacy Assessments.

• AI Governance 101

• Transcend's approach to AI governance

• Understanding the dangers of ungoverned AI

• How to use the NIST AI Risk Management Framework

• AI Regulation: Comparing the US, EU, and China

• 5 steps for choosing an AI governance software