Artificial intelligence (AI) now occupies centre stage in the global discourse on development, and rightly so. Few technologies in recent history have had the capacity either to accelerate human development or to profoundly reshape the social and economic systems that have defined modern civilisation. Despite the urgency of these challenges, the appropriate governance framework for managing this powerful and often unpredictable technology remains unclear. Governments, multilateral organisations and private-sector actors broadly agree that effective governance is essential to ensure that AI systems deliver societal benefits whilst mitigating harms. However, key questions remain contentious: what form should governance take? Who should lead this process — states, private companies, international institutions or multi-stakeholder coalitions? And how can governance keep pace with technological innovation without limiting its potential?
The issues are further complicated by powerful geopolitical and economic incentives. Nations are increasingly viewing leadership in AI as a strategic priority linked to economic competitiveness and national security. Against this backdrop, AI governance is often perceived not as an essential element of responsible innovation, but as a potential obstacle to technological progress.
Although there are few historical precedents for regulating technologies similar to AI, the broader challenge of regulating emerging technologies within complex innovation ecosystems is not a new one. One particularly relevant area is data governance — the set of rules, standards and institutional arrangements that govern how data is collected, processed, shared and used. Over the past two decades, data governance has established itself as a well-developed policy field, shaping global debates on privacy, digital rights, cross-border data flows, digital taxation and platform accountability.
Indeed, contemporary discussions surrounding AI governance have, in many respects, evolved from earlier debates on data governance. The rapid emergence of generative AI systems around 2022 has accelerated this shift, renewing focus on how data, algorithms and computing power interact to shape economic and social outcomes.
Against this backdrop, this article highlights key lessons from data governance that can inform the global search for effective AI governance frameworks. Drawing on experience in digital policy development over the past decade, it sets out ways to move beyond conceptual debates towards workable governance models capable of balancing AI’s enormous potential with its significant risks.
Is there a difference between AI governance and data governance?
Although the influence of data governance on AI governance is beyond dispute, views are emerging that the two fields address distinct issues. One side of the argument suggests that the two are inseparable. From this perspective, AI systems are fundamentally dependent on data, which means that governance measures aimed at regulating data flows, quality and ownership inherently regulate AI outcomes as well. According to this view, data governance primarily concerns the input phase of the digital value chain, whilst AI governance deals with the outcomes and impacts of algorithmic systems. Taken together, the two phases constitute a continuous governance framework covering the entire lifecycle of data-driven technologies.
However, the development of AI has not followed a linear path towards the ideal model of data governance, with AI training data circumventing data privacy requirements and, more broadly, intellectual property rights. Furthermore, most current efforts to govern AI pay relatively little attention to data-related issues, including major initiatives such as the European AI Act and US President Joe Biden’s executive order on AI. This suggests the emergence of a conceptual drift between the two fields. Although closely linked, AI governance is increasingly viewed as a distinct field with its own policy priorities and institutional arrangements.
Figure 1: Trends in the use of AI and data governance in the literature
Evidence of this shift can be seen in the evolution of political discourse and terminology. We used the Google Ngram Viewer to track this evolution, as shown in Figure 1. The concept of «AI governance» emerged in political discussions around 2018, with regulatory concerns largely integrated into a broader analysis of data governance, a field that was already a decade old at the time. However, the rapid development of generative AI systems has catalysed a growing number of research and policy initiatives explicitly focused on AI governance. Table 1 also highlights the key areas of each approach, which are interconnected but do not overlap.
Data Governance AI Governance
Key focus: Privacy, ownership and fluidity. Algorithmic bias, security and autonomy.
Basic mechanism Consent and encryption. Model transparency and red teaming.
Regulatory objective: To protect what comes in (the individual). To monitor what goes out (intelligence).
In this sense, although data governance and AI governance remain closely linked, there are increasing reasons to regard them as distinct policy areas. Firstly, the scale and potential impact of AI technologies raise unique governance concerns that go beyond traditional data regulation. Managing the risks associated with the implications of autonomous systems for the labour market and large-scale algorithmic decision-making for human rights and political governance. Secondly, whilst data governance is primarily concerned with the management of data resources, AI governance is increasingly focused on the behaviour, accountability and impact of algorithmic systems themselves.
Recognising this distinction is important for designing sufficiently comprehensive governance frameworks without conflating the various policy challenges. A critical review of decades of data governance reveals mixed results, with key success stories alongside a huge, unaddressed governance deficit and, at times, unexpected negative effects. The experience of data governance offers several important lessons for policymakers seeking to design effective oversight frameworks. We highlight five key lessons below.
What AI governance can learn from data governance
Governance models reflect geopolitical interests
Digital governance frameworks are rarely neutral. On the contrary, they often reflect broader geopolitical dynamics and competing visions of the global digital order. The evolution of data governance regimes over the past decade clearly illustrates this trend, with distinct regulatory models emerging amongst the major digital powers. The European Union has emphasised rights-based regulation, focusing on privacy and data protection; the United States has largely favoured market-driven innovation with limited federal oversight; whilst China has adopted a state-centred model that integrates data governance with national security and industrial policy.
AI governance is likely to follow a similar trajectory. Divergent governance frameworks are already emerging, shaped by differences in political institutions, economic priorities and national security strategies. These fragmented approaches have significant implications for the global digital ecosystem. In particular, the extraterritorial reach of major regulatory regimes — such as the EU’s digital regulations — may impose significant compliance and capacity constraints on developing countries, which often lack the institutional and technical resources needed to meet complex regulatory requirements.
At the same time, fragmented governance frameworks risk creating regulatory silos that encourage companies to shift data processing and the development of unethical AI to jurisdictions with less stringent oversight. Such dynamics may undermine global efforts to ensure the responsible development of AI and equitable digital governance.
In principle, a multilateral governance approach offers the most effective way of addressing these challenges. Harmonised frameworks can reduce regulatory fragmentation and ensure that compliance expectations do not differ dramatically across jurisdictions. However, achieving this alignment remains difficult, particularly as major powers view digital governance as an extension of strategic competition.
Despite these constraints, progress towards a coordinated global framework remains both possible and necessary. Even within a multi-level or pluralistic governance landscape, international agreements can establish basic principles and minimum standards to guide national regulation. Such global frameworks would not replace national policies but could provide a common basis on which countries — particularly developing economies — could build stronger and more context-appropriate AI governance systems. The African Data Policy Framework is an example of this type of multi-level framework, which enables national governments to define their data policies in line with standards established at regional level.
2. Regulation alone does not resolve power imbalances
Experience in data governance shows that no regulatory model is free from unintended consequences. For example, the European Union’s General Data Protection Regulation (GDPR) has raised global standards for data protection, but it has also created compliance barriers for many businesses and governments in developing countries. Whilst these pressures have encouraged the adoption of national data protection laws in Africa and other regions, they have also highlighted variations in institutional preparedness and technical capacity across the continent.
Other governance models illustrate similar trade-offs. China’s state-centred approach to digital governance has become a benchmark for governments seeking to exercise greater control over digital infrastructure and online information flows, sometimes at the expense of digital rights and human rights. At the same time, the largely market-driven approach in the United States has enabled rapid technological innovation but has also concentrated significant power in large private technology companies, creating challenges for competition and limiting the growth of local African digital businesses.
Each model therefore offers significant benefits whilst simultaneously creating new layers of exclusion or barriers for certain stakeholders. AI technologies will inevitably produce winners and losers across all economies and labour markets. It will therefore be crucial to ensure that governance frameworks take these distributional impacts into account. AI governance will likely require similar complementary measures, going beyond policy and regulatory frameworks.
For example, policies that support workers displaced by automation — such as reskilling programmes, social protection measures, or even forms of universal basic income — could become increasingly important elements of broader AI governance strategies. International cooperation will also be necessary to ensure that developing economies are not left behind in the global transition to AI.
The experience of digital governance in Europe provides a useful example. The European Union’s broader initiatives on data governance in Africa have combined regulation with investment in infrastructure, institutional capacity and policy development. These efforts have helped to strengthen governance capacities not only in Europe but also, indirectly, in Africa, where they have supported the development of new data governance frameworks.
3. Aligning stakeholders in AI governance is the most crucial aspect
Debates on data governance have often been characterised by a divide between key stakeholders. Public sector and civil society organisations tend to emphasise safeguards — focusing on issues such as digital privacy, data protection, data localisation and digital rights. By contrast, private-sector actors have largely prioritised conditions conducive to innovation, including investment in digital infrastructure, increased data sharing and regulatory flexibility to allow new technologies to flourish.
These differing priorities are not a problem in themselves, as they reflect the legitimate interests and perspectives of the various stakeholders within the digital ecosystem. However, the lack of early cooperation between stakeholders has often led to fragmented policy environments, with various groups advocating regulatory approaches that are sometimes at odds with one another. In many jurisdictions, this dynamic has slowed the development of coherent data governance frameworks and created uncertainty for both policymakers and market participants.
AI governance has the opportunity to avoid some of these challenges by fostering earlier alignment amongst key stakeholders. This multi-stakeholder approach has been a defining feature of many successful digital governance initiatives. Given the complexity and rapid evolution of AI technologies, no single institution or sector possesses the expertise or authority required to regulate them effectively. Governments play a crucial role in defining legal frameworks and ensuring accountability, but private-sector actors hold much of the technical knowledge and infrastructure underpinning AI systems. At the same time, civil society organisations and academic institutions provide essential oversight, research and advocacy to ensure that governance frameworks safeguard the public interest.
Bringing these stakeholders together right from the start of the policy-making process can help reduce fragmentation, enhance the legitimacy of policies and create models of governance that are both adaptive and practical. In the context of AI — where technological change often outpaces regulatory capacity — such collaborative governance approaches may prove particularly important in ensuring that innovation progresses in a way that is both responsible and socially beneficial.
4. The regulation of digital platforms presents a highly complex and ever-changing challenge
The regulation of major digital platforms poses a fundamental challenge for modern governance systems for a number of reasons. Firstly, many of these platform organisations possess economic resources, technical expertise and a global reach that exceed those of nation states. Their cross-border operations enable them to navigate regulatory environments strategically, often avoiding litigation or relocating operations between jurisdictions with relative ease. As a result, governments frequently find themselves attempting to regulate actors whose scale and influence extend beyond traditional regulatory frameworks.
Secondly, a long-standing ethos within the digital innovation ecosystem has been that of «build first, fix later» — prioritising rapid technological development whilst only addressing risks once they have materialised. Whilst this model has accelerated innovation, it has also highlighted significant governance shortcomings, particularly when technologies evolve on a global scale before appropriate safeguards are in place.
For this reason, early regulatory engagement can be beneficial, even when regulatory frameworks are imperfect from the outset. Waiting for technologies to mature fully before introducing governance mechanisms can allow harmful dynamics to take deep root, making them difficult to reverse. However, early intervention inevitably involves trade-offs. Initial regulatory frameworks may contain design flaws, unintended consequences or implementation challenges.
Policy-makers must therefore accept that a certain degree of political experimentation is inevitable. Effective governance in rapidly evolving technological environments requires regulators to tolerate a certain level of error and adjustment. The aim should not be to devise perfect rules from the outset, but rather to create governance systems capable of learning and adapting over time.
The experience of data governance offers a valuable lesson in this regard: large platform companies are difficult for developing countries to control and regulate. The EU’s leading role in a robust data governance system is helping many African countries to implement their own data governance frameworks. A similar global leader is needed to ensure better regulation of AI developed by these same platform companies.
Conclusion
Ensuring sound AI governance will be crucial for social and economic development in the coming decades. Despite the complexity and ambiguity of the AI policy landscape, insights from data governance can provide important guidance. This analysis highlights the key lessons — both successes and persistent challenges — drawn from data governance that can inform emerging approaches to AI governance.
Effective governance of AI will require flexibility, continuous learning and timely policy-making. Historically, governance frameworks have often lagged behind technological innovation. However, in the case of AI, such delays have particularly significant consequences. Slow or reactive policy responses risk exacerbating social and economic harm whilst missing opportunities to shape the development of AI in a way that promotes public welfare. Proactive and adaptive governance is therefore essential to ensure that AI systems contribute to inclusive and sustainable development, both today and in the future.
Not so long ago, people lived and went about their daily lives in close-knit communities. Every shopkeeper knew their customers personally and could...
This Machine Learning Glossary aims to provide a brief introduction to the most important machine learning terms – both for commercial and...
FR 
EN 
