Conference of the Personal Data Protection Office and the Council of Europe - report

On 10^th December 2025, at the headquarters of the Personal Data Protection Office, the conference "The Role of the Council of Europe’s Framework Convention on Artificial Intelligence in the Protection of Privacy and Personal Data - Legal, Ethical, and Social Challenges in the AI Era" was held. It was co-organized by the Personal Data Protection Office, the Social Team to Experts at the President of the Personal Data Protection Office, the Council of Europe and the European Commission for the Efficiency of Justice (CEPEJ).  

This is the first event of this type in Poland, fully dedicated to the importance  of the Framework Convention on Artificial Intelligence in the context of personal data protection and the legal, ethical and social challenges posed by the dynamic development of AI. Much attention has also been paid  to the related HUDERIA methodology, which is intended to assess the impact of AI systems on human rights, the rule of law and democracy.  

Opening of the conference

The conference was opened by Mirosław Wróblewski, President of the Personal Data Protection Office, emphasising that the event is of significant importance on a European scale. The President thanked the Council of Europe for co-organizing conference and presented the preliminary results of the Office’s survey on the use of artificial intelligence in organisations and awareness of the processing of personal data in this process.

As he pointed out, the majority of respondents, especially from the public sector, are unable to assess whether the AI systems they use process personal data, which shows a clear awareness gap. Organisations also reported the need for more support in the area of AI, including training for boards of directors and practical guidance on the implementation of AI-based systems.

Speech by Wojciech Wiewiórowski

In his speech, Wojciech Wiewiórowski, Ph.D., the European Data Protection Supervisor, emphasised that the Framework Convention on Artificial Intelligence aims to adapt to the reality in which new technologies are developing at a rapid pace. He pointed out that this is the first multilateral regulation of AI based on human rights and democratic principles, which is not aimed at hindering technological development, but at setting a safe and responsible framework for its use.

Wojciech Wiewiórowski, Ph.D., also noted that the modern debate on data protection cannot be conducted in isolation from artificial intelligence. He pointed to the global nature of the challenges - the convention was signed not only by European countries, but also by inter alia USA, Canada and Japan - stressing the need for a common interpretative framework and synergies between AI and data protection regulations.

Introductory speeches were also presented by Caroline Gloor Scheidegger, Vice-President of the Consultative Committee of the Council of Europe Convention 108, and Thomas Schneider, Vice-President of the Council of Europe Committee on Artificial Intelligence.

Panel 1: Key aspects of personal data protection in the light of the Framework Convention on Al

The first panel was devoted to the analysis of the relationship between the Framework Convention on AI and the existing regulations on the protection of personal data. As noted by the speakers, this document assumes the need to guarantee privacy and respect the existing regulations, including the GDPR. It was emphasised that in order for the convention to fulfil its role, its provisions must be properly linked to data protection mechanisms. Currently, there are still areas that need to be clarified between the regulations.

The experts appearing in the panel pointed out that the Convention is of a strengthening nature in relation to the applicable regulations, and its role is to create a coherent interpretative framework and complement existing instruments for the protection of human rights. They also highlighted the importance of a common understanding of AI risks. As it was emphasised, all participants in the process should use "the same map", which will allow for a more predictable and responsible use of artificial intelligence. The panel also emphasised the need for horizontal legal solutions to facilitate the functioning of enterprises, especially from the SME sector.

Panel 2: Practical aspects of data protection in Al systems

The second panel focused on the results of the Personal Data Protection Office’s survey and practical challenges related to the implementation of AI systems. As noted by Dominik Lubasz Ph.D, a member of the Social Expert Team to the President of the Personal Data Protection Office, the low level of awareness of the processing of personal data in AI systems is one of the main barriers hindering their safe implementation. He pointed out that organisations are often unable to assess whether personal data are actually used when working on AI solutions, which creates a risk of non-compliance.

The speakers emphasised the need for training that goes beyond the classic approach to personal data protection, including risk assessment, analysis of AI systems life cycle and the principles of practical implementation of models. Attention was drawn to the particular challenges associated with large language models that generate content in a human-like way, but with the risk of errors and so-called hallucinations. As it was emphasised, it is necessary to ensure a proper explanation of the operation of the models and compliance with the requirements of the Council of Europe Convention 108+ for the Protection of Individuals with regard to Automatic Processing of Personal Data.

Panel 3: Discussion on the role of artificial intelligence in the justice system

The third panel was devoted to the role of artificial intelligence in the justice system. As indicated by the moderator  of the panel, Marek Świerczyński, Ph.D. a member of the Social Team of Experts to the President of the Personal Data Protection Office, AI can significantly improve administrative and analytical processes in courts. The example of Spain is presented, where the automation of procedures has made it possible to shorten the process of granting citizenship from five years to five months, which shows the potential of technology in speeding up the operation of public institutions. 

During the discussion, it was emphasised that the starting point for the implementation of AI must be to define the problem that the technology is supposed to solve, and not the availability of the new tool itself. As noted by Krzysztof Król, Deputy Director of the International Cooperation Department of the Personal Data Protection Office, the Office supports the government in the adaptation of artificial intelligence, at the same time noticing the growing interest of judges in gaining knowledge before making a decision on the use of AI solutions or resolving cases concerning them. He pointed out that the Framework Convention and the HUDERIA methodology mechanism are an important common point of reference for justice institutions and the broader public sector, also outside Europe.

Summary

The conference confirmed the need to build a coherent, practical and human rights-based legal framework that will enable the responsible and safe deployment of artificial intelligence. Both the results of the Personal Data Protection Office’s survey and the voices of experts have shown that the development of AI requires close national and international cooperation and investment in the competences of public and private organisations and users. The Personal Data Protection Office will continue to support entities in adapting to new challenges and standards related to artificial intelligence in the field of data protection.