IAPP 2025

Adrianna Tan, founder of Future Ethics, spoke on the 'AI Governance Lessons from Red Teaming AI Use Cases' panel with Heather Egan (Morgan Lewis) and Manhar Arora (EY) at IAPP AI Global Governance 2025, in Boston, Massachusetts.

The International Association of Privacy Professionals (IAPP) brings together privacy, security, and risk professionals navigating the regulatory and practical challenges of emerging technology. This year's conference focused heavily on AI governance, with multiple sessions addressing how organizations can test and deploy AI systems responsibly.

Why AI Red Teaming Matters for Privacy and Security Professionals

Privacy officers and security teams are increasingly asked to evaluate AI systems their organizations want to deploy. But many don't know where to start. AI red teaming provides systematic methods to find vulnerabilities before deployment.

The panel addressed practical questions:

How do you test AI systems for safety issues? Most organizations don't have AI research labs or specialized testing teams. The panel discussed accessible testing methods that work with existing staff and resources.

What should procurement officers look for in vendor safety claims?
Vendors claim their AI is "safe" and "tested." But what does that actually mean? How do you verify those claims before signing a contract?

Why does multilingual testing matter? AI safety filters are dramatically weaker in languages other than English. Organizations serving multilingual users face risks that English-only testing doesn't catch.

Who should be doing this testing? The answer isn't always "hire AI experts." Domain experts (doctors, teachers, compliance officers) often catch safety issues that technical testers miss.

Adrianna brought experience from leading large-scale AI safety evaluations:

As former AI Red Team Lead at Humane Intelligence, she coordinated a crowdsourced medical chatbot evaluation with 200+ healthcare professionals that found 800+ vulnerabilities. The scale and diversity of testers revealed problems that traditional technical testing missed.

She also led IMDA Singapore's world-first multilingual AI safety project across 9 countries and 9 languages. That work demonstrated how safety filters fail in non-English languages at dramatically higher rates.

The panel emphasized that AI safety testing isn't just for AI companies. Any organization deploying AI systems needs systematic evaluation.

Key takeaways for IAPP attendees:

Testing is accessible. You don't need a PhD or specialized technical background. Many effective testing methods require domain expertise, not machine learning knowledge.

Start before procurement. Test vendor AI systems before you sign contracts. Independent evaluation provides objective data for purchasing decisions.

Document everything. Even if you can't force immediate changes, documentation creates accountability and demonstrates due diligence.

Consider multilingual risks. If your users speak languages other than English, English-only safety testing leaves major gaps.

Build internal capacity. External consultants can help initially, but sustainable AI safety requires internal testing processes and trained staff.

The Growing Need for Practical AI Safety Standards

Privacy and security professionals are on the front lines of AI governance. They're asked to evaluate systems, negotiate with vendors, and make recommendations about deployment safety. But many lack practical frameworks for doing this work.

Future Ethics provides fully managed safety and bias testing and evaluations that can help organizations create procurement standards and multilingual safety standards. The IAPP panel reflected the growing recognition that AI safety testing needs to be practical, accessible, and multilingual.

If you attended IAPP Boston or want to discuss AI safety testing for your organization, reach out at hello@futureethics.ai.