 The data component: towards compliant processing of (personal) data in AI system developmentBjørn Aslak Juliussen Chapter 3 in Compliance by Design in AI Systems, 2026, pp 40-130 from Edward Elgar Publishing Abstract: This chapter analyses the intersection of AI system development, data protection and cybersecurity requirements, and requirements in the AI Act. Central to the analysis is the principle of purpose limitation and data protection by design, which form part of the essence of Article 8 of the EU Charter of Fundamental Rights. The chapter also assesses the legal bases for processing personal data and outlines the conditions under which personal data may be processed for AI model training. Furthermore, it addresses data poisoning as a cybersecurity threat, partially addressed by the Cyber Resilience Act (CRA). Finally, it considers how data governance obligations under the AI Act and cybersecurity requirements for high-risk AI systems under the CRA could be operationalised within a Machine Learning development methodology known as MLOps. Keywords: AI Training; Personal Data Processing; Legal Basis; Fundamental Rights (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:elg:eechap:25422_3 Ordering information: This item can be ordered from Access Statistics for this chapter More chapters in Chapters from Edward Elgar Publishing |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.