1. Introduction
When an international workshop of data protection and tech specialists asked, in 2022, what the ‘fuss about the sandboxes’ was all about, a Norwegian delegate responded with high praise. Involved in a sandbox on ‘responsible AI’ in their country, they acclaimed this novel regulatory instrument as a welcome tool for authorities to learn effectively in an uncertain field, all while expanding their know-how within a fast-moving techno-societal innovation eco-system:
‘For us, it’s been one and a half years of sandboxing now and we have learned a lot … at the DPA, we are having discussions about AI that we could only dream about having a year ago, because we needed to understand not only the technology but the legal side, the business side, the communication side, the design side, a lot of different aspects of using personal data in AI applications.’
(Datatilsynet, 2022b)
But access to such deeper comprehension of technological development, related business models, and regulatory implications does not come easy. In the same workshop, a Norwegian official described a substantive transformation in ways of working as a precondition for their agency to benefit from sandbox projects: ‘We do give guidance, and we have dialogue next to case handling and enforcement, enabling us to go in depth with companies: it’s a new way of working for us and it’s super interesting’ (ibid.). Taking this cue, this case study zooms in on pioneers’ role interpretations during sandboxing and explores experiences with dialogue-oriented regulatory interventions in the AI domain, including reflections on how these are situated within the regulator’s concurrent mandate for inspections, sanctions, fines, or bans on unlawful activities.
Dialogue-orientation has been a defining feature of regulatory sandboxes beyond AI. Scholars highlight the value which sandbox designers attribute to ‘collaborative regulation … between innovators and regulators’ (Ranchordas, 2021). Creating a trustful dialogue and partnership between these usually adversarial parties is a key objective in sandboxes (Alaassar, Mention & Aas, 2020; Fahy, 2022). However, what are the consequences of ‘minimizing’ frictions between regulators and tech and putting the ‘common interest of markets, regulators, and communities’ (Just, Sivertsen & Lewin, 2023: 14) in focus? Critics fear a) a looming regulatory arbitrage and ‘races to the bottom’ if sandboxes were to be misused and b) a lack of adequate safeguards for fundamental rights protection and the rule of law, if regulators were to prioritise innovation over risk mitigation in such dialogue-oriented settings (Madiega & Van de Pol, 2022).
As regards regulatory ‘races to the bottom’, previous research on sandboxes evaluates regulatory exemptions rather critically, particularly in the field of AI (Buocz, Pfotenhauer & Eisenberger, 2023; Genicot, 2024; Laurent, 2024). The European AI Act (Footnote 1) does not foresee legal exemptions or non-enforcement for sandbox participants (Ruschemeier, 2025: 326). Yet, competent authorities shall not impose fines for the duration of the sandbox so long as participants follow the project plan and act in good faith (ibid.; Genicot, 2024: 2). If this ambiguous understanding of experiment conditions in the EU AI sandboxes means that high-risk AI systems can be tested in the real world and on real people without strict regulatory enforcement, it would in practice be akin to an exemption from regulatory enforcement for sandbox participants (Genicot, 2024: 2).
For such fears not to materialise, earlier research suggests that sandboxes should focus on enabling ‘regulatory learning, particularly for the benefit of regulators, rather than smoothing the path for companies’ (Ruschemeier, 2025: 329). The emerging scholarship on AI sandboxes as regulatory tools also highlights that, if well-designed, sandboxes can be useful testing grounds for evidence-based lawmaking and regulatory learning (Ranchordas, 2021; Ruschemeier, 2025). However, what exactly a ‘good’ sandbox design would look like from the regulator's perspective remains an open and normative question. The EU AI Act is remarkably vague on the issue (Ruschemeier, 2025: 326). While earlier research has warned of ‘regulatory capture’ (Ranchordas & Vinci, 2024) in this context, raising fears about dominant businesses dictating what a ‘good’ sandbox project would imply, there is little in-depth exploration of how regulators themselves perceive, navigate and adapt different roles in experimental regulation and how they experience the benefits and challenges of running a sandbox.
Through a qualitative case study, we address this gap and provide insights on how regulatory authorities themselves experience and tackle sandbox design. This focus enhances understanding of the roles that regulatory agencies assume when they manage sandbox projects on AI, and how they articulate and address potential role conflicts between watchdog activities and dialogue. The DPA's interpretations of sandboxing are relevant because they shape how the GDPR (and eventually also the EU AI Regulation) is enacted on the ground and which precedents for enforcement emerge through regulatory experimentation.
More specifically, we focus on the Norwegian Data Protection Authority (DPA, Datatilsynet), which, with its ‘sandbox for responsible artificial intelligence’, has established the hitherto most comprehensive regulatory environment for testing AI uses in Europe. In addition, its strong focus on public sector uses overlaps critically with the EU AI Act's definition of high-risk AI systems, for example in public service delivery and law enforcement. There is substantial research interest in the Norwegian sandbox experiences (Genicot, 2024; Ranchordas & Vinci, 2024; Ruschemeier, 2025) as an important site for learning lessons for the pending sandbox regime for high-risk AI systems required by the EU AI Act. In addition to its pioneering role, comparative research singles out the Norwegian DPA as a particularly critical voice on privacy and fundamental rights violations in European datafication projects (Padden & Öjehag-Pettersson, 2024). It has routinely acted as a strict and vocal watchdog in the regulatory space, for example in hearings on NAV’s ‘trygdeskandalen’ (social security scandal), when (partly AI-based) algorithmic decisions erroneously sentenced social security beneficiaries for fraud in 7,000 cases (Ikdahl & Eriksen, 2023). By exploring how the Norwegian DPA has addressed its new mandate of ‘helping with’ responsible technology development, we can generate important insights for those designing AI sandboxes in Europe.
Our case study draws on publicly available policy documents (DPA annual reports since 2020, the responsible AI sandbox report 2023, and all sandbox project plans and exit reports (Footnote 2) up to 24 February 2025), transcripts of seminars (exit report launch webinars and thematic workshops), and interviews with three DPA officials – held between August and October 2024 – to explore the DPA’s interpretations of its role and the perceived ‘success’ conditions and challenges of its sandbox activities. We conducted a thematic analysis of exit reports, inductively exploring justifications of individual sandbox and AI projects, DPA role depictions, and perceptions of tensions that emerged in sandbox work. The interviews were coded inductively in NVivo, generating 45 codes that we grouped into 10 categories ranging from selection criteria and design to disagreements and issues. The analysis is inspired by interpretive policy analysis, focusing on the meanings which different policy actors – in our case the DPA – vest in policies or policy instruments and how related policy ambiguity is made sense of and acted upon in practice (Yanow, 2000; specifically for AI governance: Paul, 2022). While critical anchoring of regulators’ claims and role descriptions in the wider political context is apt (and requires further research), for the purposes of this special issue, a relatively agnostic analysis of the DPA’s sensemaking is a useful starting point for thinking about what’s at stake in sandbox design.
We proceed by providing some context information on the Norwegian setting and the DPA’s mandate and activities. We then explore how the Norwegian DPA interprets the sandbox’s overall goal of ‘helping with innovation’ in the tech sector before detailing the conditions which the agency perceives as relevant for succeeding with its sandbox endeavour. We end with a discussion of what the Norwegian experiences imply for the design of AI sandboxes in Europe.
2. The Norwegian ‘responsible AI’ sandbox
In Norway, AI sandboxes were first mentioned in the ‘National Strategy for Artificial Intelligence,’ published in 2020. A few years earlier, the DPA itself had started lobbying for the creation of regulatory sandboxes. According to informants, this was partly inspired by a field trip to England and exchanges with the UK’s data protection authority, the Information Commissioner’s Office (ICO). ICO ran a regulatory sandbox with a focus on legal support on the processing of personal data in key areas ranging from digital currencies through genomics to personalised AI (Genicot, 2024: 62). With the sandbox method, the DPA saw an opportunity to gain insights into companies’ concrete AI uses and to ‘help with responsible innovation’ (Datatilsynet, 2022b). Unlike in fintech sandboxes, neither ICO nor the DPA provide regulatory exemptions through their data protection focused sandboxes.
Between its kick-off in 2021 and the end of our empirical research in December 2024, the Norwegian DPA had conducted 16 sandbox projects – normally running between three and six months each (cf. Table A.1 in appendix). The project plans and detailed exit reports are publicly available, as are workshop recordings on specific themes and projects. The sandbox receives funding from the Norwegian state. According to an evaluation report, the budget grew from 3 million NOK in 2020 to 9.2 million NOK in 2022. In 2022, funding was made permanent (Datatilsynet, 2023) and the scope of the sandboxes widened (from AI to digitalisation more broadly). The DPA assigns interdisciplinary teams of lawyers, technologists, social scientists, and communication officers to sandbox projects. As one interviewee explains:
In each sandbox project, we have a project manager from the DPA. Normally, that’s about 50% [of this person’s time] during the time frame of the sandbox. Then we normally have two additional resources, for example a lawyer, a technology person, or a social scientist (DPA-01).
This interdisciplinary composition notwithstanding, the bulk of guidance provided in concrete projects focuses on data protection legislation. This is in line with the DPA’s main mandate, which is to contribute to compliance with privacy regulations and data protection. The DPA is an independent administrative body subordinated to the Ministry of Digitalisation and Public Governance. Based on article 57 of the Personal Data Act (Regjeringen (Government of Norway), 2016), its role encompasses control, supervision, and advice, as well as knowledge generation and dissemination (Footnote 3). Norway also features a strong tradition of public hearings on legislative proposals, with public sector actors as hearing bodies. The DPA often provides statements in such hearings, to ensure that legislators pay sufficient attention to data protection issues. First and foremost, however, the DPA is a supervisory authority (‘tilsynsmyndighet’) responsible for inspection and the enforcement of data protection regulations.
As mentioned earlier, the Norwegian DPA has a reputation of being a powerful regulator. For example, it attracted much attention in a public disagreement with the country’s health authorities, when, at the beginning of summer 2020, it banned the Norwegian contact tracing app for not being in line with ‘data protection legislation’ (Metzler & Åm, 2022). In his analysis of this controversy, Lund-Tønnesen (2022) shows how the DPA shifted between what he labels rule-based, idea-based and norm-based interventions in the contact tracing app case. While rule-based interventions entail inspection and control, idea-based interventions are dialogue-oriented and attempt to establish shared understandings. Norm-based interventions emphasize moral duty and require some knowledge about the technology or product (ibid.). In the case of the Norwegian contact tracing app, the DPA initially took an idea-based intervention approach, but then changed to rule-based interventions (including inspection and the subsequent ban) as well as norm-based interventions (like public shaming through media) (ibid.). It is important to note that, in its daily work, the DPA gives a lot of guidance, for example through its helpline. This dynamic role interpretation speaks to a longer-standing discussion in the regulation and governance literature about enforcement bodies engaging in ‘regulatory conversations’: regulators seldom act exclusively as strict rule enforcers or as consultants; they often operate strategically with an escalating set of role interpretations and measures in mind, depending on the regulatory environment, the specific situation, and how cooperatively their counterpart behaves (Ayres & Braithwaite, 1992).
With its ‘responsible AI’ sandbox, the DPA belongs to the pioneers of such sandboxes in Europe. The sandbox has a clear dialogue-orientation and can thus be considered an instrument of idea-based and norm-based interventions (see appendix for an overview of all sandbox projects). A theoretically and socially interesting question that emerges – and that we treat in our analysis below – is what effects the focus on these kinds of interventions as a ‘new way of working’ has on rule-based interventions. In terms of scope, the DPA put AI at the sandbox’s heart from the outset. In the first year of the sandbox, interest in participating was high. In the first application round, 25 projects applied and four were selected. In the second application round, 21 projects applied and four were selected (Datatilsynet, 2023). Therefore, we pay particular attention to selection criteria below. Entry requirements and eligibility rules for participants are also identified as important elements of sandbox designs (Genicot, 2024; Ruschemeier, 2025).
So far, the Norwegian sandbox has focused strongly on public sector AI uses in Norway: nine projects experimented explicitly with applications in public service provision and administration and four more touched implicitly on public sector or hybrid use cases (until the end of 2024). Among the projects with a public sector focus, five related to health care, two to the organisation of administrative processes, and one each to education, policing, public transport, and welfare. In 2024, generative AI technologies became a priority in the DPA’s sandbox selection round (Footnote 4). For example, funding went to a project involving the Norwegian University of Science and Technology (NTNU) on how the public sector can use Microsoft’s M365 Copilot – a large language model application integrated into Microsoft’s Office package – in line with public sector norms.
As the NTNU Copilot project can serve as an example of processes and activities within the Norwegian sandbox, we describe it in more detail here, offering some background for the subsequent empirical analysis. The project started with mapping 15 typical case management processes at the university. Based on this, the project prioritised three use cases: information gathering for white papers, writing meeting notes, and case management by email (NTNU 2024: 32). The selection criteria demanded that the tasks should be relevant for public sector organisations other than universities as well (ibid.). 15 selected users at NTNU received full access to Microsoft M365 Office Copilot with an integration of AI across all services, for instance giving the language model access to all internal documents and emails that the user has access to.
In the NTNU Copilot project, ‘the main goal has been to explore and clarify what the privacy regulations require for NTNU and other public organizations to be able to use tools like M365 Copilot in a responsible and legal manner’ (Footnote 5). The 15 selected users had to carefully tidy up their data spaces, but problems still emerged, such as Copilot accessing emails without the consent of the correspondents. The project found, for example, that if a student sends an email asking for exam accommodation due to health reasons, this sensitive health data would be shared with Copilot. Copilot can also create new sensitive information: for example, it can evaluate the feelings of participants in meetings. In the exit report, the DPA recommended a specification of the privacy consequences of using Copilot, a systematic mapping of the data the organisation holds and uses, and a clear delimitation of the tasks Copilot will be used for. NTNU decided against fully deploying the AI system.
3. A new way of working? What the AI sandbox means for the Norwegian DPA
Whom should AI development serve: businesses innovating and selling an AI tool, the control and disciplining functions of states, or the wider public? And to what extent should privacy rights violations be discounted in any specific AI innovation process? This is an important normative question for public authorities in general (Züger & Asghari, 2023) and for sandbox facilitators in particular. Indeed, the declared goal of the Norwegian AI sandbox is to help companies develop ‘privacy friendly … responsible innovation’ (DPA-01), in other words to strike a balance between innovation and rights protection. More specifically, tensions between GDPR norms and data requirements for AI development and use constitute the general starting point for the sandbox projects. To address (though not resolve) these tensions, participants come together in dialogue meetings, focus groups, and consultations, trying to identify technically workable and legally robust data minimization or anonymization strategies. For example, in its report ‘sandbox forever’, the DPA (Datatilsynet, 2022a) presents the regulatory sandbox as a collaborative approach to knowledge-sharing between project partners and the DPA, with interviewees stating firmly that a sandbox ‘is not a compliance check.’ In other words: the DPA designed its sandbox in the fashion of what Lund-Tønnesen (2022) would label an ‘idea-based intervention’, which focuses on dialogue, guidance, and mutual learning, and breaks – at least to some extent – with the DPA’s more classic rule-based intervention.
In this section, we explore inductively how the DPA perceives its dialogue-oriented sandbox interactions. Our data reveal three elements of such sense-making around the regulator's role in the sandbox: as a self-proclaimed ‘partner in solution-finding,’ as concretiser of ambiguous GDPR rules, and as learner from sectoral and technical experts. To illustrate our claims, we use material from the sandbox projects cursorily (see overview in appendix for full details).
3.1 The DPA as partner in solution-finding (with limited liability)
To help companies with AI innovation, officials in Norway felt a strong need to reflect upon the DPA’s role and way of working. Instead of telling others what is allowed or not, the DPA entertains open-ended discussions with project partners in the sandbox, trying to find solutions for ‘responsible innovation’ on legally complex or uncharted terrain. One interviewee describes ‘a new way of working’ where, instead of pointing to problems, they would help to find solutions to a specific regulatory issue. Of course, giving guidance is part of what DPAs do anyway, but the interview partners all highlighted that the sandbox required a shift to approaching the advice-seeking companies and public organisations as partners.
Even if guidance-giving was already part of the DPA’s job before sandbox work to some extent, the strong focus on dialogue and problem-solving in the sandbox context amounts to a new way of working, especially for a regulatory agency with a reputation of being a strict watchdog. Another interviewee describes that, before the sandbox, they would try to keep a distance from those seeking guidance and apply a stricter approach. Now, the focus is less binary (as in ‘saying yes or no’). If the DPA identifies a privacy problem in the sandbox work, they try to find solutions together with the sandbox ‘partners’ to develop AI tools in ways that do not violate privacy.
It seems that the mandate of ‘helping with responsible innovation’ casts the DPA more than before into a role of a service-oriented partner who tries to find solutions together with project participants. And performing in its role as a partner, the DPA highlights that any conclusions and assessments reached in sandbox projects are not binding and that participants are free to follow or disregard any regulatory advice received. This is in stark contrast to the DPA’s watchdog and rule-oriented interactions when inspecting or sanctioning firms, or indeed banning a contact tracing app during the pandemic over privacy concerns. As one expert notes, it is important for the DPA to state publicly that the sandbox reports are not decisions by the regulatory authority. Participants remain responsible for following legal norms.
Indeed, all exit reports contain clear signposts that DPA recommendations are ‘guidance only’ and do not constitute an enforcement decision. However, such recommendations can also mask conflict-avoidance decisions as non-decisions.
Interviewees also reflected upon cases where the guidance they provide to partners bordered on the realm of ‘you cannot do this’. An example is the PrevBot case, where the Norwegian Police University College tested a system for detecting sexual child abuse and grooming behaviour in online chatrooms. Here, the DPA was very vocal about the lack of a legal basis for processing live data from chatrooms to create linguistic fingerprints that could then train the AI model. In addition, the DPA saw no sufficient legal basis in the relevant Police Databases Act for processing past criminal case records for the risk assessment algorithms. But even in this controversial case, the answer to the question of whether a model could be trained on real court cases is treated in ‘10–12 pages’ of nuanced assessment and ‘the answer isn’t necessarily a crystal-clear “yes or no,” but a “do it this way”’, according to DPA officials who publicly launched the project’s exit report in a webinar in March 2024 (Datatilsynet, 2024a). Of course, their consultative character does not make DPA recommendations less powerful, and we expect the Norwegian police (or other actors in similar situations) to be alert to such unambiguous guidance from a regulatory authority.
Other sandbox projects concluded that the legal basis for training AI tools was lacking, stopping project partners from collecting and processing data in line with GDPR requirements. For example, in the exit report about an AI tool to manage sick leave dialogue meetings by the social security authority (NAV), the DPA concludes that NAV has no sufficient legal basis for processing data on the insured population. Similarly, in the case of a learning analytics tool, the DPA considered the legal basis for training a model on pupil data as shaky. In the latter case, the sandbox project dedicated two workshops to discussing the legal basis for processing personal data, with the DPA reaching the conclusion that the existing supplementary basis was insufficient. In these cases, tensions between GDPR norms and data requirements for AI development were particularly clear and the room for dialogical solution-finding seemingly smaller.
Interestingly, however, the DPA did not issue a ‘you cannot do this’ assessment in either case. Rather, it sometimes interpreted its solution-finding role as exploring pathways towards legislative empowerment on behalf of project partners. One DPA officer, who worked on the NAV case, argued in the interview with us that their goal was clear: whenever they encountered legal barriers that were hindering innovation, they would engage with the issue, for example by working with the Ministry to push for legislative changes.
In a project on a learning analytics tool for schools designed by a consortium of university institutes and municipal actors (AVT), the DPA advised project owners to use the pending amendment of the Norwegian Education Act as an opportunity to create a sufficient legal basis for doing what they had in mind for model training. Though not featuring in all Norwegian DPA sandbox projects, such examples illustrate that sandbox interactions can entail problematic role conflicts when regulators normally responsible for data protection enforcement come to consider legislation as a hindrance to tech innovation.
Overall, in the Norwegian sandbox, the DPA sees itself as a partner in solution-finding to address the legal and technical complexities of innovation. In some projects, this included the exploration of pathways towards legal change. Still, it is questionable how close this partnership is. For example, the DPA claims limited liability for the outcomes of the partnership: according to DPA informants, it is the participants’ decision alone whether and which recommendations to follow, and interviewees highlighted that – no matter what any exit report might state – the DPA will not be co-responsible for any eventual GDPR breaches by project partners. The DPA retains its powerful control function and can theoretically enforce legislation vis-à-vis sandbox participants at any time when acting in its watchdog role.
3.2 The DPA as concretiser of ambiguous GDPR rules
From the viewpoint of the DPA, sandbox interactions have further served as fora for exploring and pinning down the meaning of (often ambiguous) GDPR rules and implementation paths. One DPA official describes this process of rule concretisation in a workshop with British peers from the ICO and members of the European Parliament:
The companies tell us: ‘Okay, we have the GDPR we have general guidance, but how does it work in practice?’ And I think this is where the sandbox has given a unique opportunity to dig deeper into issues where we don’t know the answer, when it comes to fairness, transparency, data minimization, what does it mean in practice in AI cases? (Datatilsynet, 2022b)
An interesting case here is the AVT learning analytics project. Here, the DPA and project partners debated whether data processing of pupils’ in-class performance should be based on a ‘legal obligation’ or a ‘public interest’ clause for data processing under GDPR article 6. The DPA argued that the latter, stricter clause applies and offered an interpretation of the dividing line between legal obligation and public interest. While Norwegian schools have a mandate for providing good quality education and helping each student progress (potentially a legal obligation), the DPA argued that it is not evident that the use of a data-heavy AI system, which tracks pupil performance in a learning app and provides tailored exercises, is strictly required to fulfil the public education mandate.
Similarly, a project about a machine-learning assistant for sorting and archiving correspondence within public organizations (Simplifai) aimed at establishing the correct legal basis for using the tool in decision-making and at discussing in-built privacy protections for the communication to be archived. In the exit report, the DPA identifies a clear GDPR boundary for data processing in AI model training:
Even if there is a legal basis for using artificial intelligence for archival purposes, such as processing being necessary to comply with a legal obligation, this does not necessarily mean that there is a legal basis for continual learning of the algorithm. (pp. 7–8)
In several cases, questions about responsibility for privacy protections and data control obligations under the GDPR arose. For example, an important legal question in the Simplifai project was whether the developer or the public sector case workers should be responsible for privacy protection when they archive e-mails from citizens or co-workers with the help of the AI-archiving tool. In the case of Ruter – a public-transit organisation owned by Oslo municipality and Viken county, which wanted to design an AI-based, personalized travel recommendations app – the sandbox project explored uncertainty around whether the local storage of personal data on users’ devices via an app constituted personal data processing such that Ruter would count as a data controller under the GDPR.
3.3 Learner from sectoral and technical experts
We already discussed how the DPA sees itself as a partner for project participants in exploring legal complexities around issues such as the concrete legal basis for processing personal data, anonymization, discrimination, or transparency. When entering dialogues with AI project owners, DPA officials do not assume they have all the right answers at hand. Instead, they hope to learn about different legal and technical issues just as much as their project partners. In the words of an interviewee:
In early days, […] we are not even sure how to solve it, but it pushes us to discuss it. … not like ‘this is the answer, and … that’s final.’ But more like ‘these are the considerations that we were discussing’ (DPA-01).
Mutual learning about the technology, legal issues, and the specific interpretation of GDPR norms is a sandbox objective. The hope is that discussions within projects create a forum for such learning. DPA officials underline that:
A good sandbox project is also learning for the DPA. It’s not only about us giving them guidance, it’s us together finding out what are the limits in these questions. (DPA-02)
For a few projects, the DPA additionally stresses the value of receiving insider information. This is the case where the project partners are (perceived as being) far advanced with their tech development and/or have strong expertise in data handling in their specific sector. This applies, for example, to big public sector organisations such as Helse Bergen or NAV. In the perception of DPA employees, these actors have already gathered substantial experience, skills, and best practices about legal challenges of AI tools:
We knew that we would learn a lot from their way of thinking, step-by-step thinking and detailed thinking about different things. (DPA-02)
In this context, sandbox projects with a precarious legal foundation, which are therefore less likely to be implemented as planned, are considered particularly fruitful for regulatory agencies in terms of learning about controversial issues. A striking example is PrevBot, where DPA representatives describe a feeling of being torn between excitement and deep concern about AI technology uses in law enforcement:
It has the potential of preventing [crime] … it has the potential of making society better in a really important and good way. But it has also the potential of being a mass surveillance tool. (DPA-02)
In this interview, the informant highlighted that the – in their perception – civilized and open discussions in the sandbox (and the transparent communication of concerns to the public) helped unpack more controversial AI systems in the public sector, such as PrevBot or Co-pilot, from different perspectives.
At the same time, less controversial cases in legally more certain situations also offer lessons to learn. In such projects, the DPA could concentrate on exploring how the GDPR, the AI Act, and more concrete Norwegian legislation can be implemented through technical measures and designs. A case in point is Helse Bergen’s project on predicting patients’ re-admissions to hospital to plan hospital beds. The project started with a fully developed AI system ready to use, so that sandbox interactions allowed for a testing of how to operate this responsibly and for the DPA to learn about law-abiding model training and deployment from a technically and legally mature case. Moreover, DPA officials appreciated projects in sectors with which they had limited familiarity and experience to date. Such projects – for example AVT’s learning analytics tool – would help ‘shed light on an area the Data Protection Authority does not have much experience with’ (exit report of AVT project).
An important hope for DPA officials (though they did not report any practical examples yet) was that learning from idea-based interventions can spill over to the regulator’s more rule-based interventions:
On general level, [sandboxes] increase our knowledge to the kind of surroundings of data processing and can help us do better case management, enforcement action, and guidance as well. (DPA-01)
Thus, the in-depth knowledge of data collection and processing mechanisms in concrete AI systems, acquired in sandbox work, can make it easier for the DPA to know which questions to ask and what to look for when on inspections. And yet, it is also conceivable that just as the habit of dialogical interactions with project owners increases, the critical distance of the DPA as an independent inspectorate in charge of protecting citizens’ privacy against AI system providers and users may decrease.
4. How does the DPA experience sandbox design?
As shown above, the DPA experiences its AI sandbox projects as successful fora to enable problem-solving, help concretize ambiguous GDPR norms and entice valuable learning from partners’ sectoral and technical expertise, not least for its wider mandate. When prompted to discuss the prerequisites and design choices for effective sandbox projects, our informants highlighted the importance of selecting projects and discussion questions to focus on very strategically. They discussed the following as essential: the selection of projects with relevance for many, a balanced selection of projects at mature and more exploratory stages, but also the narrowing-down of any project’s legal complexities to a few manageable legal questions. Interviewees also pointed to challenges in navigating trade-offs, role conflicts and cut-off points with a view to their wider regulatory mandate. We discuss both design decisions and challenges in turn below, before ending with our case study’s implications for designing EU AI sandboxes.
4.1 Strategic choices and trust-building
According to the DPA’s homepage, the first criterion to select projects is a focus on privacy-friendly innovations (Datatilsynet, 2025). This corresponds to the DPA’s mandate in data protection, limiting the scope of the DPA’s ‘responsible AI’ sandbox from the outset (indeed, Norway is yet to redesign or re-allocate the sandbox to a different competent authority to implement EU AI sandbox requirements beyond the GDPR focus). Other selection criteria concern the projects’ ‘public value’, the usefulness of sandboxing for the project partners, and the applicant’s establishment in Norway.
While the DPA wished for diversity and broad participation in the sandboxes, most projects conducted until February 2025 had a public sector component. Interviewees suggest that this is an unintended phenomenon, yet it is structurally underpinned: The strong Norwegian public sector features several large organisations that have more resources and experience than small start-ups. As the DPA prefers mature projects with public value and partners ready to dedicate their own staff, time and competencies to the sandbox, those large public players enjoy a positive selection bias in the sandbox applicant pool (which might well differ in other countries with weaker public sectors).
For the DPA, knowledge sharing – as opposed to providing standard guidance – is a crucial feature that distinguishes sandboxes from other regulatory interventions. This has consequences for project selection:
An important criterion is that the project is … or the questions they have, that they are important and relevant for others as well. Because often the point of a sandbox is helping many by helping one. And if you’re not, if your questions are only relevant for your company and it’s not transferable to others, that is just normal guidance and not a sandbox project. (DPA-02)
Thus, the DPA picks projects with an assumed relevance for others. DPA officials consider ‘helping many by helping one’ the ‘key foundation’ of their sandbox work overall (with the caveat that societal relevance is defined by an internal selection committee and is not fully transparent for the Norwegian public).
One strategy for providing learning for many is to choose diverse projects. One official was adamant about achieving a ‘good mix’ overall between projects from partners with a lot of in-house tech expertise (NAV and Helse Bergen are seen as pioneers here) – usually large public authorities in the Norwegian case – and those from perhaps more inexperienced start-ups or smaller public sector bodies that nonetheless ask highly relevant questions and discuss scalable technical and legal solutions (DPA-02). Another strategy to enable wider learning is to make knowledge dissemination integral to DPA sandboxes. In addition to the publicly available exit reports, the DPA produces seminars, podcasts, and newsletters. Unlike in other sandbox settings, applicants’ willingness to be transparent is an entry requirement in Norway. Finally, the DPA deliberately bundles themes in project selection to harvest synergies across and beyond projects. For example, DPA officials justify the recent focus on large language model projects in the sandbox as a strategic move to boost its own expertise by working with large partners like NTNU, all while monitoring pilots to help avoid large-scale rights violations (Datatilsynet, 2024b).
Another goal in the selection of sandbox projects was to navigate the trade-off between involving mature projects, such as the ready-to-rollout predictive tool by the health organisation Helse Bergen, and those at early stages of development, such as PrevBot’s predictive policing system or the AVT learning analytics tool. (This seems to contradict a later statement where the DPA emphasizes the usefulness of selecting projects at the ‘drawing stage’, but it implies that some are closer to roll-out than others.) The selection of projects along the axes mature versus early stage relates to the DPA’s own learning role, as described above. By selecting technically and legally mature projects, as well as partners with a lot of sectoral expertise, both the regulator and other providers of AI applications can learn about potential solutions to pressing regulatory questions (particularly given the public availability of exit reports).
If they’re a bit further, they know how it’s going to be used, they know the data flows, then we can be specific and it’s more fruitful. (DPA-01)
At the other end of the spectrum, the selection of projects at early stages and/or with less experienced partners allows for more exploratory discussions of how to think about legal and technical safeguards before citizens’ fundamental rights are being violated. Balancing differing project maturities is thus an important consideration in project selection.
Another important but challenging part of sandbox design, according to our informants, was to settle the scope and focus questions for the specific project during the first meeting. They explain how a first meeting would settle the most important questions for the project, also bearing in mind what might be most insightful for a wider public and other AI developers and users.
So, even though applicants are required to specify relevant questions in the application form, the first sandbox meeting is normally about ‘scoping, deciding what questions to look at and what activities to take’. The duration of this initial phase depends on the maturity of the project and the expertise of partners. It is important to note that, in line with the Norwegian DPA’s mandate on data protection, all projects focus on legal questions related to AI development and deployment and do not address broader social or ethical issues (such as AI’s carbon footprint or structural forms of discrimination; also see discussion).
Moreover, from the perspective of the DPA, enacting the role of a partner (as opposed to being a law enforcer) also requires creating trust. One interviewee shared that – at times – sandbox discussions could reveal that the research, design or preparation that has already gone into an AI solution is not in line with the GDPR. It therefore requires trust among all involved to speak openly about such vital cases and to enable the mutual learning which the sandbox was designed to entice.
Arguably, at least in the perception of the Norwegian DPA, a trust-based interaction model both across society and the political landscape helps enterprises and public authorities be more willing to share project details. For one DPA official, learning is only possible with openness toward ‘the rest of the world’, especially in situations where authorities evaluate the legal basis for data processing and AI deployment as shaky. At the same time, the trust imperative might create further incentives to tone down more controversial issues or legal concerns – at least towards the public – which however should be at the centre of a watchdog’s attention and reporting duties.
4.2 Navigating trade-offs, role conflicts, and boundaries
In interviews, DPA officials also reflected upon some challenges with their sandbox work. Firstly, they discussed how budget constraints shape the effectiveness of their work. As sandbox projects ‘take a long time and they take so much resources’, the trade-off between doing this new kind of work and investing resources in other activities was seen as ‘really challenging… when we have so many cases, we should go on enforcement action and then we have to not do that in order to do the sandbox, it’s really hard to prioritize resources’ (DPA-01). As highlighted in an annual report, in 2023 the Norwegian DPA had a total of 68 staff handling more than 4200 new cases (usually after complaints by a data owner), issued more than 2800 letters (meldinger), and conducted 119 inspections (both written brief inspections and physical ones). Time and staff spent on the sandbox are not available elsewhere, even if some additional budget from the Ministry has been earmarked for running the regulatory experiments.
An even thornier issue for interviewees, secondly, was the short-term nature of sandbox projects and the lack of follow-up options. In their view, this seriously decreased the impact of sandbox work. As one expert commented: ‘the long-term follow-up is more difficult in the regulatory landscape … when we’re finished with a project, we’re finished with the project’ (DPA-03). Another interviewee highlighted that the likelihood of coming back for an enforcement action was relatively small given the resources available for inspections. The background which our conversation partners communicated for such apparent disillusionment was the NAV project, where the DPA advised creating a clear legal mandate for working with citizen data to develop a predictive tool for sick leave management. While the exit report had come to a clear recommendation to remove the legal obstacles for data processing in the development of the sick-leave prediction tool, no follow-up had apparently happened at the time of writing. Interviewees expressed some surprise at this given the size and political influence the welfare administration has in Norway.
Additionally, it might seem surprising that DPA officials highlight a need to remove legal obstacles, when in fact these ‘obstacles’ stem from the very data protection legislation the regulator (aka watchdog) otherwise enforces strictly. The instance demonstrates how sandboxes’ goal of enabling innovation can impose conflicting roles on regulators.
Thirdly, and relatedly, DPA interview partners reflected critically on how sandbox activities interacted with their wider regulatory mandate. They revealed a vivid awareness of how idea-based and rule-based (more watchdog-type) interventions, even though not seen as mutually exclusive activities, can benefit from, but also jeopardise, each other. For example, lessons from the sandboxes figure in the DPA’s hearing memos and thus have ripple effects on the formulation of rules. Another example is that peers in other countries would often ask DPA officials why businesses would want to join a sandbox in Norway without regulatory exemption and with strict transparency requirements for the exit reports. One could assume that unwanted regulatory attention and the need to share business secrets act as disincentives here. Given the drawing-board stage of most projects, the DPA does not seem overly concerned with this. Nothing “horrific” (in relation to GDPR norms) would have occurred in the sandbox discussions so far, also because most projects are at the very early stage of research and development.
In a workshop, a DPA official also assumed that the Norwegian culture of trust towards the public sector would help create open dialogue also around more controversial issues (Datatilsynet, 2022b). Although the DPA has not yet experienced problems with recruiting sufficient good quality projects to its sandbox, in their own view, officials have been vocal, both in our interviews and in hearing statements on European AI law (Ruschemeier, 2025: 324), about the need for AI sandbox managers to have a clear role definition and policy for striking the balance between rule-based, idea-based, and norm-based interventions. In other words, critical self-reflexivity and willingness to learn on behalf of the regulator managing the sandbox is crucial.
From the perspective of the Norwegian DPA, role reflexivity also involves clarity about the boundaries of their sandbox work. Interview data suggests they operate with three ‘red lines’ (though, again, these are not fully transparent towards the public): clearly illegal projects, projects without considerable public value, and issues in a project overstepping the established scope and the regulator’s mandate. In this context, DPA officials stress the need to constantly manage the ‘cut-off point’ in project selection: while taking on controversial projects, such as the predictive policing AI system ‘PrevBot’, was seen as beneficial for regulatory learning, clearly illegal or highly harmful projects with little public value have been excluded from the outset (interviewees could not share more details on these excluded projects though).
5. Implications for designing and discussing AI sandboxes in the EU
Just like the Norwegian pilot of a GDPR-oriented ‘responsible AI’ sandbox, the AI sandboxes proposed by the EU AI Act aim to foster innovation and regulatory learning. Given the insights from the Norwegian case: what do designers of EU AI sandboxes need to pay attention to when designing sandboxes, when selecting projects and topics, when managing interactions within the sandbox, and when integrating sandbox activities and experiences in their wider regulatory mandate?
The Norwegian case indicates that regulators need to be aware of their responsibility in navigating trade-offs, role conflicts, and cut-off points beyond any single sandbox project. The observed role duality in sandbox work can have serious implications for the functioning of regulatory agencies: While sandboxing requires ‘a new way of working’ and a seeming mentality shift towards dialogue with AI innovators, regulators still are and – from a rule of law viewpoint – arguably should be watchdogs, keeping enforcement mandates in mind and the wider regulatory environment in sight. In our research, the Norwegian DPA considered idea-based interventions in sandboxes and rule-based interventions in their enforcement-related work as a winning combination to achieve responsible innovation: to them, sandboxes served as testing grounds for developing solutions on technically and legally uncertain terrain; but as this terrain is mapped step by step through different sandbox projects, they also expect enforcement practices around the GDPR (and in the future, also the AI Act) to solidify. While the DPA appreciates such informal learning, it also risks foreclosing public debate of the implied normative choices and what precedents they set for regulating the use of AI technologies in the Norwegian public sector.
To us, this situated approach of examining sandbox projects in their wider regulatory context – and the DPA’s co-existing mandate of rule-based intervention – has three implications for the design of AI sandboxes in Europe:
• Firstly, when selecting projects, regulators must strike a balance between their usefulness for project partners whom they help find legal solutions or concretise GDPR (or now also AI Act) rules and their own regulatory learning for later enforcement activities. Such strategic choice should, however, be more openly discussed since how a regulator thinks about ‘relevant’ projects has implications for businesses and the public. With a view to the AI Act, some rules for managing high-risk AI systems are also vague to an extent that regulators might want to use sandboxes strategically to gain knowledge about technical complexities and legal interpretations. Whether sandbox projects with high uncertainty are necessarily the ones society benefits most from is an open question.
• Secondly, we consider the Norwegian decision of not granting regulatory exemptions to sandbox participants and of communicating findings transparently a crucial and useful design element. Indeed, interviewees were sceptical of whether the EU AI sandboxes could achieve the same level of learning for regulators if they operated with exemptions. But this also requires selecting projects at the drawing-board and at a rather hypothetical stage when it comes to the actual roll-out (rather than testing mature applications on populations in real time); another preference of the Norwegian DPA. Interviewees also saw transparency as a key structural difference of the Norwegian responsible AI sandbox compared with the incoming European AI sandboxes, which seem to be designed for more secretive interactions within projects. In Norway, the strong focus on public availability of sandbox recommendations, including a transparent discussion of key controversies (as in the AVT or PrevBot cases), was a clear design choice by the DPA, seemingly motivated by a wish to serve the wider public with the sandbox. And yet, informal conversations and recommendations might also be important for regulators to communicate red lines towards a specific sandbox partner. Such transparency-effectiveness trade-offs require public debate, too.
• Thirdly, depending on the legal foundation of a regulator’s mandate, sandbox activities will have a strong focus on some AI innovation issues and disregard others, with implications for whose and which rights will be protected. In our case, the DPA acted firmly on a GDPR basis and therefore mainly focused on individual data protection and privacy related questions. While questions of discrimination (Ahus, NAV) and even power differentials between project owners and data subjects (in the case of AVT, where pupils and parents were seen as relatively exposed to school decisions on AI learning tools) also featured in some projects, they were much less prominent than those concerning data minimization, informed consent, or avoidance of unlawful monitoring. Critics highlight that the GDPR, with its focus on individual privacy rights, is unfit to protect citizens and democracies against the more structural harms of AI and automation (Padden & Öjehag-Pettersson, 2024). We expect the GDPR focus to broaden with the upcoming AI sandboxes and their legal grounding in the EU AI Act’s requirements for high-risk AI systems. Yet, how exactly this will unfold depends a lot on the concrete mandate, role interpretation, and institutional legacy of the different European regulators conducting the new sandboxes.
Regulators’ attempts to ‘help with’ tech innovation through dialogical interactions open a can of critical discussions beyond the scope of this case study. One we care about is the following: what is at stake for citizens and societies when specific notions of ‘public value’ AI or societal relevance emerge and are enacted in regulatory sandboxes? To us, the stance of the Norwegian DPA of not selecting projects with little ‘public value’ (i.e., excluding those which seem too harmful in terms of data protection from the outset, or recommending non-use of AI systems where the gains of innovation do not outweigh the privacy violations) is a rather hidden but impactful judgement call. The same is true, of course, for projects deemed ‘valuable’ for the public. Such sandbox ‘management’ choices raise questions for future research about regulators’ role and relative power in defining and negotiating the boundaries of sandbox projects, and in communicating the motivations and implications of such ostensibly technical choices transparently towards the wider public.
Supplementary material
The supplementary material for this article can be found at https://doi.org/10.1017/cfl.2025.10014.
Acknowledgements
The authors are grateful for the time and insights our interviewees dedicated to this research and for their ex-post agreement to have some interview material cited and paraphrased in the article. Research assistance by Kath John Norbø and Paul Alexander Cusick is gratefully acknowledged. We also want to thank Hannah Ruschemeier for editorial guidance and the opportunity to contribute to this timely special issue, as well as two anonymous reviewers for their constructive feedback.
Funding statement
We received no funding to conduct this research.
Competing interests
We declare no competing interests.