Session 1 – AI Regulations, Legal Exposure & Real Cases

Module 1: Why AI Has Become a Board-Level Legal Risk AI misuse headlines globally Reputational damage trends Why regulators are intervening Executive accountability Module 2: AI-Related Regulations / Governance in Qatar Personal Data Privacy Protection Law (Law No. 13 of 2016) Data consent, purpose limitation, transfers NCSA governance expectations MCIT digital strategy direction Sector obligations for regulated industries Module 3: Real Qatar Case Study Qatar International Court and Dispute Resolution Centre AI Rules (2026) Court introduced procedural rules after false AI-generated citations were used in litigation Lawyers required to verify AI outputs Confidential data must not be uploaded into public AI tools Misleading submissions may attract consequences Module 4: Global AI Cases & Penalties Lawyer sanctions in US / UK for fake AI citations GDPR fines involving profiling / unlawful processing AI recruitment bias lawsuits IP lawsuits against generative AI providers Module 5: Discussion What legal risks would damage your organisation most: privacy, bias, false outputs, or confidentiality leaks?

Session 2 – Governance, Internal Controls & Regulatory Readiness

Module 1: What Regulators Expect from Organisations Oversight, not chaos Risk ownership Evidence of controls Clear accountability Module 2: Building an AI Governance Framework AI Acceptable Use Policy AI register / inventory Risk-tiering model Human review controls Escalation matrix Board reporting Module 3: Vendor Governance & Procurement Risk Public AI tools vs enterprise tools Data ownership clauses Confidentiality obligations Cloud and cross-border risk Audit rights in contracts Module 4: Lessons from Global Enforcement Cases Weak vendor due diligence leading to breaches Privacy notices challenged by regulators Uncontrolled employee AI use Lack of audit trail failures Module 5: Practical Case Study

Navigating AI Regulations, Governance & Cybersecurity Compliance

Artificial Intelligence is transforming how organisations operate, automate decisions, manage risk, improve productivity, and engage customers. However, AI is also creating a rapidly evolving landscape of regulatory scrutiny, governance obligations, privacy exposure, cybersecurity threats, liability risks, and executive accountability.

As of 2026, Qatar has not yet introduced a single standalone AI law equivalent to the European Union AI Act. However, AI and cybersecurity in Qatar are already governed through a multi-layered framework of existing laws, sector regulations, national strate-gies, privacy obligations, and cybersecurity governance requirements. This reflects a broader global trend: the European Union has adopted a comprehensive risk-based AI regime; China has introduced targeted rules for algorithms, deep synthesis, and genera-tive AI; the United States is using executive orders and state-level regulation; while coun-tries such as Singapore, Japan, South Korea, Brazil, and Canada are advancing govern-ance frameworks or new legislation. In practical terms, organisations in Qatar already face real compliance expectations, and this programme helps participants understand how Qatar’s current obligations compare with emerging international standards while preparing for future AI-specific regulation.

TIME: 08:00 am to 11:00 am Qatar Time

DATE: 3rd & 4th of June 2026
DELIVERY:  Live Online Zoom Training

COST: QAR 2,000 Per Person

ChatGPT Image Apr 22, 2026, 09_12_31 AM.png

Why This Programme Is Urgent
Recent examples show clear warning signals:

Qatar
•Qatar courts introduced formal AI usage rules in litigation after false / non-existent citations were submitted, reinforcing that professionals remain responsible for AI-generated work.
•Qatar’s privacy regulator has begun enforcement action requiring organisations to strengthen data controls under PDPPL.
Regionally
•GCC regulators are increasing scrutiny of privacy, outsourcing, cyber resilience, and algorithmic decision-making.
•Financial institutions face rising expectations around governance of AI in onboarding, fraud detection, and customer treatment.
Globally
•Multi-million euro GDPR fines linked to unlawful automated processing and privacy failures
•Deepfake fraud incidents causing major losses
•AI hallucination cases leading to lawyer sanctions and court criticism
•Class actions over biased hiring algorithms
Cyber incidents caused by unsecured AI integrations

ChatGPT Image Apr 22, 2026, 09_12_45 AM.png

Key Learning Outcomes

By the end of the programme, participants will be able to:

Reduce privacy and cyber risks arising from AI tools

Understand AI-related regulations currently affecting Qatar organisations

Strengthen vendor controls and outsourcing oversight

Identify board and management governance responsibilities

Enable responsible AI innovation safely

Build internal AI governance and approval frameworks

Learn from real enforcement actions and global penalty cases

Prepare for regulator questions, audits, and investigations

JOIN NOW

Programme Structure

01
Module 1: Why AI Has Become a Board-Level Legal Risk AI misuse headlines globally Reputational damage trends Why regulators are intervening Executive accountability Module 2: AI-Related Regulations / Governance in Qatar Personal Data Privacy Protection Law (Law No. 13 of 2016) Data consent, purpose limitation, transfers NCSA governance expectations MCIT digital strategy direction Sector obligations for regulated industries Module 3: Real Qatar Case Study Qatar International Court and Dispute Resolution Centre AI Rules (2026) Court introduced procedural rules after false AI-generated citations were used in litigation Lawyers required to verify AI outputs Confidential data must not be uploaded into public AI tools Misleading submissions may attract consequences Module 4: Global AI Cases & Penalties Lawyer sanctions in US / UK for fake AI citations GDPR fines involving profiling / unlawful processing AI recruitment bias lawsuits IP lawsuits against generative AI providers Module 5: Discussion What legal risks would damage your organisation most: privacy, bias, false outputs, or confidentiality leaks?
02
Module 1: What Regulators Expect from Organisations Oversight, not chaos Risk ownership Evidence of controls Clear accountability Module 2: Building an AI Governance Framework AI Acceptable Use Policy AI register / inventory Risk-tiering model Human review controls Escalation matrix Board reporting Module 3: Vendor Governance & Procurement Risk Public AI tools vs enterprise tools Data ownership clauses Confidentiality obligations Cloud and cross-border risk Audit rights in contracts Module 4: Lessons from Global Enforcement Cases Weak vendor due diligence leading to breaches Privacy notices challenged by regulators Uncontrolled employee AI use Lack of audit trail failures Module 5: Practical Case Study

JOIN NOW

Jorge Carrillo

(PhD, LLM - International Expert in AI Regulations, Governance, Privacy & Cybersecurity Compliance)

Jorge Carrillo is a highly accomplished international specialist in Artificial Intelligence gov-ernance, cybersecurity, privacy, governance-risk-compliance (GRC), and digital regulatory frameworks, with more than two decades of experience spanning global technology, banking, consulting, higher education, and professional training.
He is exceptionally well positioned to deliver advanced executive programmes on AI regula-tions, governance, and cybersecurity compliance, combining a rare blend of legal expertise, technical depth, enterprise governance experience, and practical business application.
Jorge has held senior privacy and compliance roles with Microsoft, where for over a decade he worked on software product compliance, privacy-by-design, data protection obligations, accessibility standards, and enterprise governance controls across international operations. His experience gives participants direct insight into how leading global organisations operational-ise privacy, cybersecurity, and regulatory compliance within complex digital ecosystems.
He is also the Managing Director of Privacy Tech, a specialist advisory practice focused on Artificial Intelligence, privacy engineering, AI Act readiness, GDPR, NIS2, governance frameworks, and responsible technology adoption. Through this work, he advises organisa-tions on how to build practical governance models, reduce regulatory risk, and adopt AI re-sponsibly.

JOIN NOW