CEN/CENELEC

My fellowship addresses three critical gaps in the European AI standardization landscape: The first gap concerns the harmonisation of Documentation Development, as there is an urgent need for technical documentation (Annex ZA, HAS checklists) to connect developing standards with AI Act requirements following the M/593 request. Without this work, standards risk delayed OJEU citation, creating regulatory uncertainty. I've worked on developing preliminary harmonization documents for JT021008 (Trustworthiness), JT021039 (QMS), and JT021024 (Risk Management).

The main priorities of my fellowship are to support the development of two European standards for AI systems, Risk Management and Cybersecurity, which will enable organisations to manage risks and address cybersecurity concerns in alignment with the AI Act.

With the support of this fellowship, I tackle specific bias detection and mitigation requirements with accompanying illustrative example within CEN/CLC/JTC21 WG3 "Concepts, measures and requirements for managing bias in AI systems" standard that are aligned/harmonised with relevant EU AI Act legislation.

With this fellowship, I significantly contribute to the ICT Standards landscape by addressing the lack of standardised guidelines for processing Personal Identifiable Information (PII) in blockchain and Distributed Ledger Technology (DLT) systems. Approving the New Work Item Proposal (NWIP) for “Guidelines on processing PII using blockchain and DLT” establishes a crucial foundation for privacy-preserving, GDPR-compliant blockchain applications.

My fellowship focuses on standardizing Non-Fungible Tokens (NFTs) for sustainable asset management, addressing gaps in digital asset representation, regulatory clarity, and ESG alignment. It supports innovation, transparency, and interoperability in tokenized real-world assets (RWAs), in line with EU priorities.

In this fellowship the original objective is to start to prepare a NWI to address the age approriate topic and start the standard development. The aim is to improve the benefits and reduce the risks in the digital world for young users up to the age of 18. The solution is to adapt the content delivered by online products and services according to the age of users. Moreover, the process requires establishing the age/capacity of users, including age verification and age estimation.

The standards being developed should cover the requirements of the full range of stakeholders (including users, affected bystanders and manufacturers etc) over the complete lifetime of the product.

There is currently no standard addressing the cybersecurity of AI systems. In ISO/IEC JTC1 SC27 WG4  27090 is under development; and I contribute directly to this work.