Data protection principles highlighted at Kyrgyzstan’s National Data Privacy Forum

As artificial intelligence and big data increasingly shape everyday life, the need for strong personal data protection has never been more urgent. This message was central to Kyrgyzstan’s National Forum “Data and Security in the Age of Artificial Intelligence and Big Data,” held in Bishkek on International Data Privacy Day, 28 January 2026.

Organised by the State Agency for Personal Data Protection, the forum brought together public authorities, digital governance experts, and key stakeholders to discuss how citizens and institutions can address emerging privacy and security challenges in the AI era.

A keynote presentation was delivered by Piret Hirv, Head of the Data Governance Competence Center at the e-Governance Academy, entitled “Как защитить данные простых граждан уже сегодня?” (How to Defend the Data of Ordinary Citizens Already Today?). Her address focused on practical approaches to strengthening citizens’ data privacy while outlining the foundations of a trustworthy and sustainable data ecosystem.

In her presentation, Hirv highlighted how personal data has fundamentally changed over the past decade shifting from being local and short-lived to global, permanent, and easily analysable by machines. “As a result, data protection is no longer only a technical issue, but a societal one, closely linked to individual autonomy, public trust, and democratic resilience. I encourage you to view data protection as a cornerstone of digital freedom rather than a matter of formal compliance alone,” she said.

A central theme of the keynote was that sustainable digital transformation depends on trust. And trust depends on responsible data governance. Hirv outlined core principles essential for building a trustworthy data ecosystem, including:

• Data minimisation — collecting only what is truly necessary

• Transparency of processing — ensuring people understand how their data is used

• Meaningful consent — providing citizens with real, informed choices

• Privacy by design — embedding data protection into systems from the outset

• Accountability and auditing — ensuring institutional responsibility and oversight

These principles are becoming increasingly relevant for Kyrgyzstan as it advances digital public services and strengthens its regulatory framework.

The presentation also addressed the growing complexity of the digital environment, where citizens must better understand who has access to their data, how long it is stored, and how it may be analysed, reused, or combined. This message resonated strongly with the Kyrgyz audience, where awareness of data-related risks is still developing.

Drawing on Estonia’s long-standing experience in digital governance, Hirv shared practical examples such as the Estonian Biobank and citizen-facing tools like the Data Tracker, which allow individuals to see how their data is used. These examples demonstrated that innovation and privacy can reinforce one another when data governance is transparent, accountable, and user-centric.

The forum marked an important step in strengthening Kyrgyzstan’s national dialogue on data protection in the age of artificial intelligence. By combining citizen-focused digital literacy with clear governance principles such as transparency, minimisation, and accountability, the event highlighted concrete pathways toward a safer and more trustworthy digital future.