
The director of the Catalan Data Protection Authority (APDCAT), Meritxell Borràs i Solé, and the president of the Basque Data Protection Authority (ABPD), Unai Aberasturi Gorriño, have signed a collaboration agreement to promote the Catalan model for preparing fundamental rights impact assessments (FRIA) among Basque organizations. The goal is for it to become a benchmark methodology for Basque entities when mitigating the effects of AI in high-risk situations for individuals.
The agreement demonstrates the two entities' commitment to cooperating on personal data protection and the regulation of AI systems. They thus aim to promote the Catalan FRIA model among their respective entities to serve as a guide when conducting fundamental rights impact assessments. This is a mandatory requirement whenever organizations use AI and it poses a high risk to individuals' rights, in accordance with the Artificial Intelligence Regulation (RIA). The objective of this assessment is to identify risks and implement appropriate measures to reduce and mitigate them.
Fundamental Rights with AI
It is worth remembering that data protection supervisory authorities have been designated as authorities responsible for protecting fundamental rights with AI systems, which entails promoting awareness on the matter, providing guides and tools to help comply with the obligations imposed by the legal system.
In this sense, the Catalan FRIA model is a pioneering methodology in Europe, which was developed within the framework of the community of data protection officers of Catalonia (DPD en xarxa), promoted by the APDCAT (National Data Protection Agency). Specifically, within the working group led by Alessandro Mantelero, an expert from the European Data Protection Board and professor of Private Law and holder of the Jean Monnet Chair in Mediterranean Digital Societies and Law at the Polytechnic University of Turin.
It is designed as a tool to ensure reliable and human-centered AI, especially considering that data and technology create profiles and patterns that influence people. It is based on a theoretical model applied in several real-life use cases. All of this is intended to provide those responsible for deploying and providing AI systems with simple and useful tools that allow them to comply with the FRIA.
Under the signed agreement, the parties will share the actions or use cases in which the FRIA model is implemented within their scope and may agree to collaborate on its practical application and exchange the results derived from the use of the methodology. They will also support each other in the implementation of certain activities and in the promotion of training and dissemination activities.
The Catalan Data Protection Authority and the Basque Data Protection Authority have signed an agreement to encourage entities in their field to use the Catalan FRIA model as a reference methodology to identify the risks of artificial intelligence and establish measures to mitigate them.