Table 2 Examples of what DIA adds to existing IAs
Requirement | What ISO/FRIA/HUDERIA already has | Complementarity of DIA |
|---|---|---|
Scope | ISO sets organisation-wide AI governance/risk processes; FRIA triggers for high-risk and public uses; HUDERIA guidance for rights, democracy and rule-of-law risks | Applies to all stages of AI systems lifecycle irrespective of risk level especially when projects touch historically marginalised communities |
Problem framing | Generic impact and risks; rights | Analysis of colonial legacies with explicit mapping of power imbalances and control |
Epistemic justice | Not explicit | Requires pluriversal perspectives; knowledge sources and data labels |
Consent/autonomy | FRIA/HUDERIA expect stakeholder engagement; consent often framed at data subject level | Adds collective/community consent |
Data provenance & sovereignty (data and infrastructure) | ISO/FRIA check lawfulness, quality, bias; data sovereignty not required | Requires audits for coloniality of data (extractive practices, context loss), enforces data and infrastructure sovereignty (local storage, access terms) and culturally bounded data categories |
Language and cultural rights | All have bias/fairness checks; no duty to support minority languages beyond performance metrics | Requires plans for linguistic inclusion, protection of cultural IP, and community control over cultural models |
benefit-sharing | Not explicitly required | Requires equitable value-sharing (including local hiring/skills transfer) tied to design and deployment approvals |
Procurement & local capacity | Supplier oversight and process controls (ISO 42001) | Encourages local suppliers or local partnerships; mandating training and institutional capacity-building as part of the innovation lifecycle |