The research on adapting Ukrainian legislation to European standards of personal data protection in the field of artificial intelligence (AI) is driven by numerous issues stemming from rapid technological advancements, as well as the need to ensure human rights, transparency, and accountability in automated processing of personal data. Particular complexity arises in regulating specific legal relationships associated with the use of artificial intelligence, including profiling, automated decision-making, ethical and non-discriminatory use of algorithms, and ensuring adequate safeguards for data subjects.

The purpose of the article is a comprehensive analysis of European legal acts (GDPR and AI Act), current Ukrainian legislation, and prospective regulatory changes, particularly Draft Law No. 8153 “On Personal Data Protection”, aimed at developing an integrated understanding of the challenges and opportunities in harmonizing Ukrainian law with European standards. Additionally, the article seeks to identify directions for further improvements to national legislation capable of ensuring adequate protection of personal data when deploying AI technologies.

It was found that the current norms of Ukrainian law require substantial refinement to effectively accommodate the specifics of AI technologies, especially in matters of algorithmic transparency, protection against automated decisions, and guarantees concerning ethics and nondiscrimination. It also identifies the need for supporting small and medium enterprises in adapting to the new requirements imposed by GDPR and AI Act, and resolving complex issues related to cross-border data transfers. The author formulates recommendations for introducing specialized legal instruments (ethical codes, regulatory sandboxes) to ensure a balance between protecting the rights of data subjects and promoting innovation in artificial intelligence.

Bibliography

Authored Books

1. Bradford A, The Brussels Effect: How the European Union Rules the World (Oxford University Press 2020).

Edited books

2. Kuner C, Bygrave L A, Docksey C (eds), The EU General Data Protection Regulation (GDPR): A commentary (Oxford University Press 2017).

Journal articles

3. Brakerski Z, Gentry C, Vaikuntanathan V, ‘Fully Homomorphic Encryption without Bootstrapping’ [2014] 6 ACM Transactions on Computation Theory 13.

4. Brkan M, ‘Do algorithms rule the world? Algorithmic decision-making and data protection in the framework of the GDPR and beyond’ [2019] 27(2) International Journal of Law and Information Technology 91–121.

5. Fan J, Vercauteren F, ‘Somewhat Practical Fully Homomorphic Encryption’ [2012] IACR Cryptol. ePrint Arch 144 <https://eprint.iacr.org/2012/144> (accessed 14.04.2025).

 Theses

 6. Gentry C, ‘A Fully Homomorphic Encryption Scheme’ (Doctoral dissertation, Stanford University 2009) <https://crypto.stanford.edu/craig/craig-thesis.pdf> (accessed 14.04.2025).

Conference papers

7. Vaikuntanathan V, ‘Computing Blindfolded: New Developments in Fully Homomorphic Encryption’ 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science (Palm Springs, 2011) 5–16.

Websites

8. Myszne J, ‘3 Homomorphic Encryption Trends for 2025’ (December 19, 2024) <https://www. itprotoday.com/data-privacy/three-homomorphic-encryption-trends-for-2025> (accessed 14.04.2025). 9. Taylor P, ‘Amount of data created, consumed, and stored 2010-2023, with forecasts to 2028’ (Nov 21, 2024) <https://www.statista.com/statistics/871513/worldwide-data-created> (accessed 14.04.2025).

10. Van Quathem K, ‘European Commission Confirms Plans to Simplify GDPR’ (March 17, 2025) <https://www.insideprivacy.com/gdpr/european-commission-confirms-plans-tosimplifygdpr> (accessed 14.04.2025).