Shamov, Oleksii2026-02-042026-02-042025Shamov, O. Adaptive AI architecture for implementing privacy-by-design in accordance with GDPR / Oleksii Shamov // Information Technology and Security. – 2025. – Vol. 13, Iss. 2 (25). – P. 300-309. – Bibliogr.: 11 ref.https://ela.kpi.ua/handle/123456789/78630This article addresses one of the key challenges in modern intelligent systems engineering: the practical implementation of the Privacy-by-Design principle, enshrined in the General Data Protection Regulation (GDPR), within artificial intelligence architectures. Existing approaches, such as federated learning, differential privacy, and homomorphic encryption, while effective tools, create a rigid trade-off between the level of personal data protection, model utility (accuracy), and computational efficiency when applied statically. Such a unified “one-size-fits-all” approach is inefficient, as it leads to either excessive protection of non-sensitive data, which unjustifiably degrades performance, or insufficient protection for the most vulnerable categories of information. The objective of this research is to develop a conceptual framework for a novel artificial intelligence architecture that resolves this issue through dynamic, risk-oriented management of privacy mechanisms. The result of this study is a proposed adaptive hybrid architecture. The scientific novelty of this work lies in shifting from a static model of applying Privacy-Enhancing Technologies (PETs) to a flexible, multi-layered system. This system classifies data and model components in real-timebased on their sensitivity level and associated risks. Depending on the risk level, the architecture dynamically applies an optimal set of protection tools: from basic federated learning with light differential privacy guarantees for low-risk data to the application of homomorphic encryption for the most critical computations. At the core of the architecture is an optimization model that aims to maximize model utility while minimizing computational costs, ensuring compliance with predefined privacy thresholds for each data category as required by GDPR. This approach enables the creation of more efficient, secure, and productive intelligent systems that meet modern regulatory demands.enartificial intelligenceGDPRprivacy-by-designfederated learningdifferential privacyhomomorphic encryptionadaptive architectureprivacy-enhancing technologiesштучний інтелектGDPRприватність за замовчуваннямфедеративне навчаннядиференційна приватністьгомоморфне шифруванняадаптивна архітектуратехнології підвищення приватностіArticleP. 300-309https://doi.org/10.20535/2411-1031.2025.13.2.344715004.8:004.056.50009-0009-5001-0526