ARTIFICIAL INTELLIGENCE, CYBER LAW, AND DATA PROTECTION: LEGAL CHALLENGES AND REGULATORY RESPONSES IN THE DIGITAL AGE

ASIA RAHMAN KHAN LODHI, AHMAD SAJJAD, KASHIF AKBAR, DR SYED SHUJA UDDIN, DR. RIZWANA JABEEN, AZHAR HUSSAIN LASHARI

The swiftly expanding use of artificial intelligence in the commercial, governmental, and social spheres has created a multi-layered and dynamically changing complex of legal issues at the boundary of cyber law, data protection, and algorithmic governance. This paper is based on a qualitative research design with an interpretivist paradigm to explore how legal frameworks, regulatory authorities and governance institutions are adapting to the legal challenges of AI-driven data processing, automated decision-making, cybersecurity threats, and the loss of conventional structures of individual privacy and data sovereignty. Based on purposive sampling, 25 key informants, such as legal professionals specializing in cyber and data protection law, cybersecurity professionals, national and international policymakers, and IT regulators, took part in semi-structured, in-depth interviews. These topical reports were cross-referenced with systematic document analysis on national cyber laws, data protection laws, case law and international regulatory frameworks such as the EU General Data Protection Regulation (GDPR), the EU Artificial Intelligence Act (2024), the California Consumer Privacy Act (CCPA), China Personal Information Protection Law (PIPL), India Digital Personal Data Protection Act (DPDPA 2023), and other similar national laws. Thematic analysis produced six main themes that include privacy and data rights in AI systems, accountability and transparency of algorithms, cybersecurity and data breach liability, legal gaps and jurisdictional conflicts, regulatory responses to AI emerging, and the implications of generative AI to intellectual property. Results indicate that there is a systemic regulatory deficiency in most national jurisdictions in dealing with the unique legal issues associated with AI-driven systems, with failures in consent architecture, lack of explainability, cross-border jurisdictional issues, and the novel legal issues of generative AI all contributing to exposing critical failures in current legal and regulatory regimes. The most substantive existing attempt to regulate AI-specific legal issues is the European Union AI Act, although much remains unclear about its implementation. The research closes by giving suggestions to legislators, regulatory authorities, international governance bodies, and technology companies involved in creating and implementing AI systems under the modern legal and ethical systems.