Trust, Innovation and Human Values: John Edwards on Regulating AI Responsibly

At RAID 2025, John Edwards, the UK Information Commissioner, delivered a thoughtful and candid keynote on the intertwined future of privacy, innovation and trust in the age of artificial intelligence.

Edwards opened by observing how quickly AI has become embedded in everyday life. “Nearly 10 per cent of the world’s population has used ChatGPT, and over half of the UK population has used one chatbot or another,” he noted. “These technologies have become infused into the fabric of society.”

Against that backdrop, he argued, regulators must ensure that “the scale and speed of new technologies do not outpace us.” Forums like RAID, he said, are essential spaces for collaboration: “We’ve got to have these conversations on a very frequent cycle.”

Beyond the Myth of Trade-Offs
A central theme of Edwards’ address was his rejection of the idea that privacy and innovation exist in tension. “I reject the concept of balance,” he said.

“It’s not a zero-sum game. We’re not here to debate how much of our fundamental rights we should give up in order to get the benefit of new technology. We are here to discuss how the whole of society can be raised up while still maintaining the values that are fundamental to our humanity.”

For Edwards, responsible innovation and data protection are not competing objectives but mutually reinforcing ones. The ICO’s mandate, he said, is to protect people’s data while encouraging and supporting businesses to invest, innovate and grow responsibly.

Trust as the Foundation of Innovation
Edwards emphasised that trust is the essential ingredient for progress in AI. “If people don’t trust the tech, society will not get the benefits or efficiencies that it can provide,” he explained. “We are an instrument of that trust – there to provide assurance that products launched in our economy meet expectations for protection.”

He cited the ICO’s engagement with Snapchat as a case study in accountability. When the company offered a chatbot to children under 13, the ICO challenged whether it had met its GDPR risk assessment obligations. “That was an important intervention and signal to the market that you may be challenged to show your workings in order to maintain that trust,” Edwards said.

Pragmatic and Collaborative Regulation
Edwards outlined the ICO’s “pragmatic” approach to regulation – one that offers clarity rather than constraint. Through guidance, helplines, its innovation advice service, and regulatory sandbox, the ICO aims to “tell firms how to, not don’t do.”

He highlighted the Digital Regulation Cooperation Forum (DRCF) as a model of joined-up oversight, enabling innovators to engage with multiple regulators through a single point of contact. “We need to produce coherent regulation,” he said. “Uncertainty in an economy creates friction, risk aversion, and downward pressure on innovation.”

Focusing on AI and Biometrics
Looking ahead, Edwards said the ICO has prioritised AI and biometrics, alongside children’s privacy and online tracking. An AI strategy is now in place to focus efforts where they can have the greatest impact, including automated decision-making and facial recognition by police.

The ICO is also preparing a statutory code of practice for AI, to be “co-designed with industry” for flexibility and relevance. “A code of practice is a lighter touch than something locked into legislation,” he explained. “It can be amended and developed with all stakeholders represented.”

Anticipating Tomorrow’s Technologies
Edwards also pointed to the ICO’s Tech Horizons reports, which explore risks and opportunities in emerging fields such as neurotechnology, genomics, synthetic media and quantum computing. The next edition will focus on AI agents — systems capable of acting autonomously within operating environments.

He stressed that such technologies demand global cooperation. “The opportunities and challenges of new technologies transcend borders and jurisdictions. Maintaining open dialogue and international collaboration is crucial.”

Quoting a colleague from Singapore’s data authority, Edwards concluded with a reminder to focus on what should remain constant amid rapid change: “An emphasis on individual rights and humanity.”

A Measured Approach to Progress
Closing his address, Edwards reaffirmed that data protection and privacy need not inhibit innovation. “With a measured approach, they can be effective enablers,” he said. “By reducing friction and building trust as early as possible, we can help achieve that balance – encouraging innovation while keeping people’s data safe and secure.”