Generative artificial intelligence is redefining the way data is produced, validated, used and protected, turning it into a strategic asset for security, innovation and competitiveness.
In a context where threats are becoming more rapid, automated, and difficult to intercept, and where intellectual property enters directly into the life cycle of AI systems, the webinar “Data Power: Governance, Security, and Intellectual Property Defense” offered a discussion among institutions, academia, and industry on new challenges related to data governance and cybersecurity.
Promoted as part of the series of seminars organized by the Ministry of Business and Made in Italy with Cyber 4.0 and the Graduate School of Specialization in Telecommunications, the meeting is part of an in-depth study dedicated to the transformations of cybersecurity in a rapidly evolving technological and regulatory framework.
Opening the proceedings was Matteo Lucchetti, chief operating officer of Cyber 4.0, who highlighted how theintersection of artificial intelligence, cybersecurity and intellectual property is opening up new areas of criticality related to data management and the use of content in model training processes. “ Artificial intelligence systems are being trained on huge amounts of content, which is often protected by copyright and intellectual property rights,” Lucchetti noted, drawing attention to both the issue ofusing data for model training and the still open issues related to the ownership of AI-generated outputs and liability in the event of content infringement or misuse.
Generative AI, data and new risk surfaces
In recent years, the spread of generative artificial intelligence has made it even more evident that data is not just a technical resource, but a central element in the security and resilience of digital systems. AI amplifies processing and automation capabilities, but at the same time it broadens the attack surface and makes it more complex to distinguish authentic content from synthetic or manipulated content.
During the webinar, Giuseppe F. Italiano, Pro-Rector for Artificial Intelligence and Digital Skills at the LUISS, emphasized how GenAI has opened a new phase for cybersecurity. Vulnerabilities no longer affect only software and infrastructure, but extend to the entire information ecosystem, from training data to the outputs produced by models.
Against this backdrop is also the issue of privacy and protection of content used for training. The point is no longer just technical, but also legal and strategic: figuring out how to balance innovation, data access and rights protection is now an integral part of digital security.
Intellectual property and copyright: an unresolved issue
Maria Chiara Cesarani, Legal Advisor for Studio Torta, also addressed these issues, recalling some of the main international case law cases related to the use of protected content in generative AI training processes. The speech highlighted the growing tension between the need to protect copyright and the need not to limit technological development and innovation.
In the discussion, the difficulty of defining clear boundaries in an ecosystem where models learn from huge amounts of content and generate new outputs from pre-existing materials became clear. In this scenario, the paradigm of fair use was invoked as a possible balancing point between access to data and protection of rights holders.
Rounding out the picture, Gustavo Ghidini, Professor Emeritus of the University of Milan, recalled how artistic, scientific and technological culture has developed historically through the reuse of previous contributions. The current crux, he noted, is to find a sustainable balance between this dynamic of innovation and the need to ensure economic protection for rights holders.
From here emerges one of the most sensitive issues in the debate: the ownership of AI-generated outputs. The issue is already at the center of international decisions and litigation that are gradually defining the boundaries of protection, highlighting the extent to which jurisprudence is being called upon to clarify not only the responsibilities associated with models, but also the very importance of attributing an author or owner to the content produced. Against this backdrop, the regulatory framework remains fragmented and evolving, necessitating an approach capable of accompanying innovation without stifling it.
The seminar also highlighted the fragmentation of regulatory responses globally, with Europe, the United States and China taking different approaches, making it difficult to build shared international standards. In this regard, Alessandro De Parolis, MIMIT Patent Application Examiner, recalled the role of bodies such as the WIPO to facilitate comparison and build common references on the implications of AI with respect to intellectual property.
Data governance and reference models
Another central point that emerged from the discussion concerned data governance. Antonio Minunno, IT manager of the Chips-IT Foundation, recalled the need to consider data as an asset to be designed, guarded and protected throughout its life cycle. In this perspective,data governance is not a separate issue from security, but its prerequisite: rules, accountability, access control and continuous monitoring become indispensable tools to reduce the risk of compromise and ensure the reliability of information.
Gianni Amato, Head of CERT at AGID, emphasized data quality with an effective summary: “Data is not oil, but it must be like water: transparent, always available and unpolluted.” To support this approach, an application case was presented based on OpenAI tools for restoring previously obfuscated data, demonstrating howAI can also be used to protect and recover information.
Cross-cutting themes also included the need to move beyond traditional cybersecurity models. In a context where threats are becoming increasingly automated and dynamic, protection can no longer stop at the infrastructure, but must extend to the entire lifecycle of data and AI models. The Zero Trust paradigm therefore takes center stage, while the use of AI tools for defensive purposes becomes essential to recognize anomalies, protect data and support incident response.
Upcoming appointments
The cybersecurity seminar series will continue in June with the webinar “Cyber health: digital security for biomedicine and biotechnology.” More details on the date and program will be available in the coming days on the Cyber 4.0 and MIMIT website and social channels.