Artificial Intelligence in the justice system and data sovereignty

Regulation (EU) 2024/1689 (the AI Act) and Regulation (EU) 2016/679 (the GDPR) create a demanding regulatory framework for the use of AI in European judicial systems. The AI Act classifies AI systems used in the administration of justice as high-risk, requiring strict compliance with risk management, data quality, technical documentation, transparency, and human oversight. Furthermore, the GDPR imposes stringent rules on the international transfer of sensitive judicial data, particularly when processing occurs on servers outside the EEA. This regulatory intersection suggests that AI providers must localise data processing infrastructure within the EU to ensure digital sovereignty and maintain control over the administration of justice.