Data protection is key, William Fry summit hears

AI has moved from tactical deployment to enterprise-wide strategic transformation, delegates at the William Fry annual AI summit at the Dublin Royal Convention Centre (7 May) have heard.

The summit was held just as Britain’s Solicitors Regulation Authority authorised the first law firm in that jurisdiction to provide a legal service through large-language-model artificial intelligence. 

Garfield.Law Ltd, of Tunbridge Wells, Kent, specialises in helping businesses recover debts of up to £10,000 – with costs starting at £2 for sending a 'polite chaser' letter.

Landmark moment

This was a ‘landmark’ moment for legal services, and could have huge public benefits, the SRA said.

The regulator sought assurances on quality checks, confidentiality, and safeguards against conflicts of interests.

Named regulated solicitors will still ultimately be accountable for standards, the England and Wales Gazette reports.

“Innovation in the delivery of legal services continues to build momentum and the SRA’s authorisation of Garfield Law is a significant milestone. We have to ensure as a profession, however, that the necessary safeguards are in place," said Law Society of England and Wales chief executive Ian Jeffery.

"Although the SRA's decision opens opportunities for AI-based law firms to make legal services more affordable and accessible, solicitors are still accountable to their clients regardless of the technology used," he added.

Data-protection strategies

The well-attended William Fry summit heard from government, regulatory, and industry experts that many organisations were grappling with implementing artificial intelligence while maintaining robust data-protection strategies.

The rise of large language models and generative AI tools had dramatically shifted the data-protection conversation, as leaders realised that transparency was fundamental in building user trust, attendees heard.

Inbuilt AI ‘transparency guards’ can provide comprehensive information about whether personal data is used and whether the model is open-source or proprietary.

Real-time polls at the summit found that:

• 71% of delegates think that AI will significantly impact employment levels over five years,
• 70% of organisations have an AI policy in place,
• Only 52% of organisations have conducted AI literacy training,
• 65% of business leaders believe AI is improving productivity,
• The top three roles leading AI implementation in organisations are: IT director and IT team (34%), managing director/chief executive/chief operations officer (23%), and R&D (20%).

William Fry technology partner Dr Barry Scannell said that it was concerning that 48% of organisations had not done AI literacy training, as this created liability and reputational risks.

Opening the summit, Minister Niamh Smyth said that AI was projected to contribute over $15 trillion to the global economy by 2030, and would have a positive impact on Irish business and growth.

Economic growth

“We are committed to ensuring that as AI drives economic growth, while also safeguarding fundamental rights and building public trust in emerging technologies,” she said.

There would be a distributive model for AI Act implementation with nine fundamental rights authorities and eight competent authorities involved, as well as a designated lead authority, she said.

The three pillars would be AI for the public interest, an AI innovation ecosystem, and AI-ready citizens, the minister stated.

The AI Advisory Council would have a key role in providing independent guidance on policy, she added.

Lawyer Cathal Ryan (deputy commissioner, Data Protection Commission) said that embedding data protection by design was not optional, but essential for AI.

“Robust privacy frameworks underpin both consumer confidence and the sustainable deployment of AI,” he said.

Large language models had banished any sense of GDPR fatigue, as concern grew about how personal data was being used and protected, he added.

Global benchmark

The GDPR now served as a global benchmark, Ryan told the event, and the DPC had a proactive role to ensure compliance with both GDPR and the AI Act.

Those organisations that could effectively navigate the complex intersection of innovation and privacy would emerge as leaders in their respective fields, the summit heard.

The DPC deputy commissioner also emphasised the importance of coherence and cooperation among regulators.

The DPC role, as a fundamental-rights agency and a competent authority, extends to interim court applications and requests to the European Data Protection Board.

It also plans to publish guidance for social-media companies.

Data protection impact assessments were more critical than ever, and organisations must proactively evaluate potential risks associated with AI implementations, updating existing templates and frameworks to address new technological landscapes, attendees heard.

Companies were moving beyond minimal compliance, embracing proactive communication about data usage, in line with increasingly sophisticated user expectations, the summit heard.

In a video address, EU Justice Commissioner Michael McGrath said that Ireland had shown commitment to AI innovation and ethical AI governance.

“This provides Ireland with the unique opportunity to emerge as a global leader in AI regulation,” he said.

William Fry head of technology Leo Moore said: “AI is not just a race now, this a sprint. It’s a legal and operational imperative."

Panels also covered topics such as Microsoft’s Copilot integration, tech investment and M&A, best practices in AI procurement, and the global outlook for AI governance and regulation.