Bonus on AI, Games, and Governance of Emerging Tech

Show Notes

Welcome to the Serious Privacy podcast, where Ralph O'Brien , Dr. K Royal, and Paul Breitbarth each provide a summary of the respective conferences they attended. The IAPP AI conference in Dublin, Games Expo, and Governance of Emerging Tech. Enjoy!

If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us!

From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Transcript

Tim 0:04

You're listening to the award-winning Serious Privacy Podcast sponsored by TrustArc. Please welcome your hosts, Paul Breitbart, Ralph O'Brien, and Dr. K Royal.

K 0:18

Hi, everybody. So Ralph and Paul and I are happy to bring you a bonus episode because at different times over the past month or so, the three of us have been in different places, different countries, like we normally are, but different countries than normal. So Paul attended the IAPP AI Global Governance in Dublin. Got to see Shoshana there with the launch of her new book and quite a few of our other friends there as well. And he gives us a few minutes on what he saw going on at that conference. Right after that, we've got Ralph who went to the Games Expo. And did y'all know there are privacy issues with games? Not to mention the serious privacy game that is also launched. Want more details about that? Make sure you reach out to us. And then last, I went to the governance of emerging technologies and science at the Sandra Day O'Connor College of Law at Arizona State University. Two days, very powerful, of listening to people talk about topics that really hit you in that passionate privacy, data security, AI heart that we have. So enjoy these three summaries. And if you have any questions of any of them, don't hesitate to reach out to us at all.

Paul 1:46

I am at the IAPP AI Global Governance 2026 in Dublin. And I wanted to give you a report on the opening session of this morning. So the big theme was this AI governance is not just about controlling technology. It is actually about building human capacity. It is about how we think, how we lead, how we protect people, how we make sure this next wave of digital transformation works for society and not just for systems. About time, I would say that this is also finally recognized at conference. So it wasn't just about compliance, it wasn't just about the next generations of laws. It was actually about what does this mean for us in practice. The first speaker, Michael McNamara, member of the European Parliament, he opened with a reminder that AI is never just a technical or economic question, but it is a question about what kind of society we want to build. Guess that's a helpful statement from a legislator. Guess that's their work, right? Because it also moves us away from the tired idea that regulation is somehow the enemy of innovation. In the European context, the challenge is much more interesting than just that. It is about whether we can create the conditions for innovation that people can actually trust. So McNamara reflected on the AI Act. He is the one of the shadow rapporteurs for the digital AI omnibus legislation. And of course, he stressed that the European AI Act is the world's first comprehensive horizontal framework for AI. But he also pointed out to all the ongoing discussions about Europe's competitiveness. Obviously, we hear all the time the complaint that Europe is falling behind on artificial intelligence because we have legislation in place, legislation that isn't fully enforced yet and is already being amended before it is fully enforced. But hey, Europe's competitiveness is a concern that is without doubt. So his argument is that it is indeed not just about regulation. It's actually regulation is irrelevant. It is Europe's gap with the US and also with China is mainly about other issues. It's about investment, it's about infrastructure, it's energy, it's talent, but also the ability to move quickly without losing our values. And obviously, our values are important, probably much more important than they are in other jurisdictions. And that is something that in the end then is reflected into regulation. So maybe nothing new, but I do believe it's important that also the legislator stresses that at a conference like this. And that also brought the conversation very neatly to Ireland, because obviously, as you know, Ireland is fascinating in itself because all of big tech is here. It is the home of all of those companies for whatever reason they have chosen, but it is also probably the location where the physical reality of digital technology becomes very difficult to ignore. So McNamara noted that data centers have become a serious energy question in Ireland. And that was actually mirrored in an article I read in The Guardian last week, which covered research suggesting that Irish data centers consumed around ultra breath 22% of the country's electricity, more than all urban homes combined. 22%, can you imagine? So it's the same article that also reported claims that this demand has added an average of 360 euros to household electricity bills between 2015 and 2023. Of course, industry representatives disagree, they dispute the analysis, but even if half of that is true, I think it's a serious concern and something that needs to be much more prominent in all the discussions about AI. This is not just about our values and our regulations. This is also about the environmental impact. We've mentioned it before, but it is still not a core topic when we talk about AI. So there is a real policy tension there. And AI may feel like it's very easy to use, that it's wakeless, it's just on your phone or on your laptop when we interact with it on screen. Um, but it has a serious impact. It needs chips, it needs cooling, it needs land, it needs a lot of water, energy, grid capacity. So if all of this is part of our economic future in Europe, we need to be honest about those costs. And also, I think last week I listened to an episode of the Rest is Politics podcast with Alistair Campbell and Rory Stewart. And also they were discussing that the UK is falling behind and cannot even invest in AI because they do not have the electricity capabilities to support large data centers. And I guess that is probably also true in other jurisdictions. To be honest, the session or the speaker from the EU AI office was not that interesting, maybe a little disappointing, if I'm honest. But I did like the intervention by Mark Little, who was or is a journalist and visual media innovator, but also previously worked for Twitter and other tech companies. So he certainly was the best speaker this morning. So he talks about the way that the public conversation around AI is changing. People are no longer treating AI as something abstract or futuristic or only for experts. It is actually part of the day-to-day life for lots of people across society. They're asking direct practical questions. What does this mean for my work? How do I use it well? But also, more and more, how do I make sure that I do not become passive in front of a machine? So Mark drew on the lessons of social media. Many of us remembered the early optimism. This would make all our lives better, this would make the world better, a better place, because everything and everyone was interconnected. And this would also democratize communication. And of course, in some ways, social media did. But we also learned that technology is not good or bad by itself. It really depends on design, incentives, power, governance, but most importantly, human behavior. And that there are shitty humans around, I guess that's something also of all times. It's just also then very quickly becoming bigger and bigger. And that there are shitty humans about, I think that's that's self-evident. That there are shitty humans about, I think that's also self-evident, but it amplifies with all this new technology. So AI demands that we learn that lesson earlier this time. Yes, we can use it. Yes, the technology is there, but we also need to be careful how we use it and how we distribute the balance of power, how do we distribute the governance, and how do we ensure that we keep the human behavior in check? So I guess one of Mark's most useful points was about leadership. So in an age of so-called superhuman machines, the most important leaders may be those who become more human and not less. And that means self-awareness. It means empathy, it means being able to communicate uncertainty without creating panic. And it also means helping organizations move from fear to capability. It's more and more important also, and that's something else he stressed, that we meet each other in person at events around the world, such as this AI governance event. Because, as my former boss used to say, there is no such thing as a virtual beer. You need to meet in person to build real relationships. And that is actually also why I'm actually and that is actually also why I'm in Dublin this week. Or and that is also why I'm in Dublin these days, because I wasn't here for the IAPP AI governance conference. That was just a happy coincidence. I'm actually here for the Webinar AI governance event that took place last night. As always, there was a really nice group of people around the table, lively discussions about our day-to-day challenges, and of course, the warmth and friendship of Emerald and Shoshana. So it was a really good event. I loved being there. Both K and Ralph, you were both missed. They would have loved to have you here as well, but we can't always travel anywhere we want these days. But hopefully next time the three of us can can join together at a women in AI governance event somewhere else in the world. So that's it from Dublin for now. Enjoy the rest of the podcast. And from my until next week, and from me, until next week. Goodbye.

K 10:00

Now that sounds like a conference I would have loved to be at. Trust me, y'all too, huh? Those that were, give us some comments on what your takeaways from the conference were. And now we're gonna lead into Ralph, who is at the Games Expo. And you heard that rumor about there being some privacy in games, and you know, maybe serious privacy created a game that you should ask us about. We may run a competition and give some to people. Who knows? Take it away, Ralph.

Ralph 10:32

Hello, it's Ralph O'Brien here. And it's always good to be able to do a little solo record for you. But by the time you listen to this, UK Games Expo will be long gone. Why am I talking about UK Games Expo, you might be asking? Because isn't this a data protection podcast? Well I've just spent three days at a huge trade show in Birmingham. Board games, tabletop role-playing games, and I still won't get round it all. My kids are here doing the Warhammer Open Tournament and Blood Bowl tournaments, including our wonderful audio editor, who's having a whale of a time. But I'm here for a different reason. And that is and it's probably come as no surprise, you may have seen the hints on LinkedIn. I am looking at lynch launching a serious privacy board game. Something a bit educational for professionals out there, but still fun for people to get round the table and learn all about data benefits without getting the harms. Now, this isn't so much as a hard announcement as a soft announcement because I'm still looking for a publisher. Or I might even go as far as kickstarting. Hence the reason I'm at Games Expo, looking around and speaking to various people at the trade show. Also, I'm really surprised about how much about data there is here. I've just been in a wonderful lecture with an IP lawyer called Anna Polter Jones, who talked about contracts, IP law, warranties, the use of data, trademarks, intellectual property, drawing sort of games design, and some spoke to some absolutely fascinating people about the process of being able to market and use data in a way to you know essentially sell games. So what's really struck me about the expo is also the amount of no AI signs. And I think this is kind of incredible really, because you know, this is a place that supports creativity, this is a place that supports people. And nearly every stand you go to, there's a sign saying all of our illustrations are done by humans, all of our writing is done by humans. If you use AI, don't bother coming to talk to us. Funny enough, when I was talking about my board game, the first game, some of the you know, people publishers would ask me is have you used AI? So it's clearly looked at in this sort of creative industry as an existential threat. So again, AI, AI, AI in nearly every kind of walk of life that we have. I'm recording this a couple of days after Games Expo, just after Keir Starmer has made a statement about, you know, think of the children and you know, let's think about talking about not banning under 16s from social media, but making sure that, you know, people like Google and Apple and things like that, you know, have controls in place on the device to remove nude content and things like that, or disable the ability of people under that age to send it. I think this is really interesting because it comes in the same time where the UN has released a report against social media bans talking about how children need to engage in the modern society and you know, sh education, training, and actually the real harms are in the sort of addictive design features, the deceptive design features of those platforms. So you know, rather than saying ban them, you know, make sure the platforms themselves are designed with safety in mind. Signal, again, that I use for a colot for communications, has come out with a similar sort of statement, you know, refuting the idea of this sort of protect the children dog whistle, and looking very much at the sort of the idea of, well, this will increase surveillance and cause you know a few problems there as well. And I don't think I disagree. Anyway, back to the Games Expo. Kind of a soft announcement, just to kind of give you a little bit of an update as I look around this place full of people doing their best to sell really wonderful creative things in a way that will help us. I've actually recently written an article for Privacy Laws and Business about gamification and how a sort of simulation and scenario can be a much better way to learn than, you know, simple sort of knowledge patches and e-learning and you know, some of those sort of training that we hate. Anyway, slightly unusual little report from me from Games Expo, but in the meantime, I just want to uh wish everybody a great time and look forward to seeing you on the podcast in the future. Have a great time and happy gaming.

K 14:58

Now I know that we've covered privacy and gaming and cyber and gaming several times, and you might be interested in the next episode we've got coming out, which is all about surveillance or social media and government control over access to social media by minors. Fascinating, fascinating episode we've got. But the games expo sounded phenomenal. I'm gonna move you on to the one that I went into. Have a lot of fun. This is K, and the conference I went to is on May 21st and 22nd in Arizona. It's the Governance of Emerging Technologies and Science held annually at the Sandra Day O'Connor College of Law at Arizona State University. I've been to this one multiple times. Love this conference. It's known as the GETS, Governance of Emergency Technologies and Science, G-E-T-S, GETS conference, uh, and has practitioners from all over the U.S. and all over the world for that matter. The format is having an opening and closing plenary session, and then in between, having concurrent sessions that run for about an hour and a half to two hours each, and they group four or five different topics in there with the various speakers in there. And so I won't give you what every topic in the conference was, but just a little bit of an overview of how it starts. Now, the host of this conference, the guy that runs the Center for Innovation, Center for Science and Innovation at ASU, who is Dr. Gary Marchant. Absolutely adore this man. He is the pinnacle of professional goals that you could aim for someone that's working on the edge of governance of emerging technologies and innovation. Absolutely could not respect a lawyer, a professor any more than I do Gary. And he probably won't ever hear this. But I tried to make sure he knows that I think so highly of him anyway. He is who I want to be if I ever grew up. Anyway so the plenary session this time was on public trust and dialogue in healthcare. It was moderated by Amanda Cortwright Limb, and then most of the speakers were from ASU. So Dr. George Post, Dr. Dave Inglethaler, Dr. Stephanie Carroll, Dr. Rachel Gurrari, and then Frank Kirchy, who is the partner at a law firm that handles many of these issues. And so each one of them were able to give a little bit of a presentation over their thoughts and what they see coming or what has been, and then a little bit of QA. So in the first concurrent session, just to give you an overview of how these run, so I think it was five different topics in here. And it was a panel on the governance of human in the AI loop. It was chatbots for student mental health. It was AI and personal rights, future projections, health technologies, and education. So different topics across this concurrent session. And the second concurrent session was on AI governance and risk management, neurotechnology and regulation, intellectual property and AI, AI in the courts, which is fascinating, space exploration and trust, which is equally fascinating, and autonomous machines. And then I spoke in the third concurrent session. My topic was on AI US regulatory approach. So my particular panel with Ryan Johnson and R. Scott. My particular panel with where is my panel? Oh, I was in the afternoon. Hold on, it was earlier than that. I have to cut this part out. But I don't want to stop it because then I'll never get back to it again. So my panel was on the organizational governance and AI, particularly the regulatory gap of managing the convergence of AI, privacy, and cybersecurity as governance plays catch up. My two co-panelists were Ryan Johnson, who's the chief privacy officer at the technology law group, and R. Scott Jones, who is the co-founder of the Generative Company. Had not met Scott before, absolutely enjoyed spending two days with him. Phenomenal professional. Ryan and I have known each other for a long time. And this is one of those topics that there's not really an easy answer for, right? We all know that we're trying to govern these emerging technologies, AI, all of this stuff within an aging frame legal framework that we're trying to wrap old laws across new capabilities. And no matter how innovative the people writing the laws may have been 10 years ago, 20 years ago, there's no way they could have envisioned technology being where it is nowadays. Or if they did, you don't exactly hit the nail on the head, right? Something's just a little off of the wiretap laws, not exactly addressing chatbots, but somehow or another it's recording one party or all parties. And how do we wrap that into the wiretap laws, right? So pretty fascinating topic to us. Now, other sessions in there were global AI and digital systems, organizational governance of AI, which we were under, sustainability, the US regulatory approach to AI, and medical technology. Oh, sorry, and cybersecurity in general. Now, y'all know me, I love cybersecurity, especially cyber law. So in there was cybersecurity in an age of quantum computing, from compliance theater to operational governance, rebuilding cybersecurity standards in a decentralized institution, cross-border data governance, and the end of passwords, which is fabulous, right? Let's all get rid of passwords. Y'all do know that the guy that came up with the standard, he and his working group that came up with the standard of changing your password every 90 days, and it has to be this many characters and special characters and upper and lower case, they had no clue. They just had to make something up out of the blue. He came out about, I don't know, six or seven years ago now. I'm gonna say it was right around 2000, try to keep that time frame fixed and apologize to the world as a whole because it's not really the effective way to do passwords. The most effective way that he said, and I've heard others say, is to pick four or five random words, have no relation to each other. That way people have a harder time breaking your password. Anyway, day two was a plenary session on who governs AI, power, policy, and global. Futures, which was absolutely fascinating as well. And then concurrent sessions on governing emerging space technologies, AI tort and liability, higher education in AI, which y'all know I did my PhD dissertation on privacy at U.S. universities, which a lot of people think only FERPA applies. No, universities are like any other business in the United States. Every privacy law could potentially apply to them if they meet the criteria, right? So there you go. Anyway, democracy and technology, AI and children and adolescents, which y'all know on the podcast has been one of the things that we're most interested in. And how do you protect our children, right? And how do you do it correctly? Blockchain and financial technology, and then the closing plenary on AI companions and intimate robots. So that is something a lot of us want to kind of turn our head and go, is that really a topic? Yes. Yes, it really is. The sex tools, let's just be blunt here. The sex tools running on AI to be able to, how often are they used? How effective are they? How personalized can they be? And now we're going to leave that alone and pretend that we're not talking about that anymore. Was absolute wonderful. I had an opportunity to see Di Bowman, who is now the new dean of the Armit School in Melbourne in Australia. Got to see her and her phenomenal shoes. Have to say, she and I bonded over the shoes before we bonded over anything else. Really good to see her again. And I've got to find a way to get to Australia, right? Even if I just visit for a couple of weeks to go to her school, or if there's a possible way of me being able to do an exchange work program there for like a semester, that would be phenomenal. Anyway, that was my conference. Love it. If you're looking for any conferences to add to your schedule and you're looking for something new that has a variety of topics that you can find something in there you love, but yet it's small and it's intimate, where you really get to meet the attendees and the panelists, and everybody is working in this field, then keep this one on your radar. It's actually pretty fantastic. Thank y'all. So that was it. That was the three conferences. Thank y'all for tuning in. We each respectively had a lot of fun where we were, and respectively, we also prefer to have been with our colleagues at the conferences they were at. But you know, there are just so many nowadays. It's really hard to get to all of them, right? No matter how much you love them. So Paul would say it's bye for now. Ralph would say goodbye, and I'm gonna say bye, y'all.

Tim 24:55

Now that was serious privacy. Please subscribe on your favorite podcast app and leave us a review. You can find us on LinkedIn, Instagram, and Blue Sky at Sirius Privacy. Feel free to drop us a question or a comment. We'd love to hear from you.