Governance is where AI goes from being a technical question to a political one. Every major economy on earth is now grappling with a fundamental challenge: artificial intelligence systems are making consequential decisions — about who gets a job, who gets a loan, who gets insurance, who gets bail, which content people see — and these decisions can be biased, opaque, and unaccountable in ways that traditional human decision-making is not. The response from governments globally has been a wave of AI regulation: the EU's landmark AI Act, the Biden administration's executive orders on AI safety, China's layered AI regulations, and a growing body of state and national legislation addressing specific AI harms. For Trinidad & Tobago, which already has one of the most comprehensive data protection frameworks in the Caribbean, this global governance conversation is not someone else's problem. It is an opportunity.
T&T is CARICOM's most industrialised and wealthiest member state, with a GDP per capita that exceeds any other English-speaking Caribbean economy. This economic position brings responsibilities. Just as T&T has historically played a leadership role in CARICOM's trade negotiations, energy diplomacy, and financial integration, it is positioned to lead the region's response to the AI governance challenge. Getting this right would protect T&T citizens, enable responsible AI adoption across the economy, and give T&T a global profile as a thoughtful, capable digital governance actor.
The Global Regulatory Landscape in 2026
The EU AI Act, which entered into force in August 2024 and whose major provisions are now taking effect, is the world's most comprehensive AI regulation. It classifies AI systems by risk level — from prohibited applications (like real-time biometric surveillance in public spaces) to high-risk systems (like AI used in employment, education, credit, and criminal justice) to low-risk systems requiring minimal oversight. High-risk AI systems must meet transparency, accuracy, robustness, and human oversight requirements, and must be registered in a public EU database.
The Act's extraterritorial reach is significant for T&T. Any T&T company that deploys AI systems whose outputs affect EU residents, or that exports AI-enabled services to EU markets, must comply with the Act's requirements. For T&T's growing technology services sector and for companies in the financial services sector that operate in EU markets, understanding and planning for EU AI Act compliance is now a business imperative.
In the United States, the regulatory picture remains fragmented following the rescinding of the Biden administration's AI executive orders under the Trump administration. However, state-level legislation is accelerating. Wisconsin's deepfake legislation, California's AI-in-hiring rules, and Colorado's algorithmic discrimination law are setting precedents that are influencing federal discussions and creating a patchwork of compliance requirements. US-facing T&T businesses need to track this state-level activity carefully.
China's AI governance framework — which includes regulations on recommendation algorithms, deep synthesis (deepfakes), and generative AI — is shaped by different political priorities but establishes interesting precedents on transparency and labelling requirements that have influenced global thinking. China's requirement that AI-generated content be labelled is being adopted in various forms in the EU, the US, and increasingly in other jurisdictions.
T&T's Existing Digital Governance Foundations
Trinidad & Tobago enters the AI governance discussion from a position of relative strength. The Data Protection Act 2011 — the primary legislation governing the collection, use, and disclosure of personal information in T&T — is one of the most comprehensive data protection laws in the Caribbean. It establishes core principles: purpose limitation, data minimisation, accuracy, security, and data subject rights including access and correction. The Office of the Information Commissioner (OIC), which is the data protection authority, is an established institution with enforcement powers.
These data protection principles map directly onto AI governance requirements. An AI system that makes decisions about individuals — a credit scoring model, a hiring algorithm, a fraud detection system — is necessarily a system that processes personal data. The Data Protection Act's requirements for transparency, fairness, and accountability apply to these AI applications. The challenge is that the Act does not specifically address algorithmic decision-making, explainability requirements, or the particular risks of AI bias. These gaps need to be filled through either amendment, supplementary regulations, or specific AI governance legislation.
T&T's e-Government framework, coordinated through iGovTT (the state enterprise responsible for government ICT), provides a foundation for digital governance more broadly. The Government's National ICT Plan and its commitments under the CARICOM ICT Strategy create policy linkages that can support AI governance integration.
AI Rights for T&T Citizens: What Needs Protection
AI governance is ultimately about protecting people. For T&T citizens, the specific AI risks that warrant regulatory attention include:
Employment discrimination: AI-powered hiring systems that screen CVs, assess video interviews, or rank candidates can encode biases present in their training data — systematically disadvantaging candidates from particular ethnic, gender, or socioeconomic backgrounds. In a multi-ethnic society like T&T, where questions of fairness in employment have a long and sensitive history, algorithmic discrimination in hiring is a particularly high-stakes risk.
Lending and credit discrimination: AI credit scoring models used by Republic Bank, RBC, and other financial institutions can perpetuate historical patterns of credit exclusion if trained on historically biased lending data. T&T's Central Bank has responsibilities for fair lending that need to extend to algorithmic lending systems.
Insurance discrimination: AI pricing models that determine insurance premiums can use proxies — postcode, vehicle type, social media behaviour — that correlate with protected characteristics and effectively discriminate. This is particularly relevant for Guardian Group and other T&T insurers adopting AI pricing tools.
Deepfakes and identity fraud: AI-generated synthetic media can be used to create convincing fake videos or audio recordings of T&T citizens — politicians, business leaders, ordinary people — for fraud, harassment, or political manipulation. T&T currently has no specific deepfake legislation. The reputational and financial harms from deepfake fraud are real and growing.
Surveillance: As AI-powered surveillance systems — facial recognition, behavioural analysis, location tracking — become cheaper and more capable, the risk of their deployment without adequate legal safeguards is real. T&T's existing law does not adequately address AI-powered surveillance by either government or private actors.
The Case for a CARICOM AI Governance Framework
Individual CARICOM nations developing AI governance in isolation would produce a fragmented, inefficient result. Fifteen different national AI frameworks — many of them small island states without the policy capacity to develop sophisticated regulation — would create compliance complexity for regional businesses while leaving citizens of smaller states with weaker protections. The rational approach is a coordinated CARICOM framework, developed through CARICOM's existing institutional machinery, that establishes common standards while allowing member states to adapt and enforce them according to local circumstances.
The precedent for this approach exists. The CARICOM Financial Services Agreement established common standards for financial regulation across the region. The CARICOM Model Cybercrime Legislation provided a template that multiple member states have adopted. A CARICOM AI Governance Framework — setting standards for high-risk AI applications, transparency requirements, data protection in AI contexts, and citizen rights — would follow the same model.
T&T is the natural leader for this initiative. Its policy capacity, institutional resources, and economic weight within CARICOM make it the credible convenor. The Ministry of Digital Transformation and iGovTT could lead the process, drawing on T&T's Data Protection Act experience, engaging the Office of the Information Commissioner, consulting with industry and civil society, and building a regional consensus document that other CARICOM members can adopt.
The IDB as a Strategic Partner
The Inter-American Development Bank (IDB) has an active digital economy programme for Caribbean nations, with specific focus on digital infrastructure, e-government, digital inclusion, and regulatory frameworks. The IDB's IDB Lab has published research on AI governance frameworks for Latin America and the Caribbean that directly informs what T&T could develop regionally.
T&T's engagement with the IDB on AI governance would provide access to technical assistance, comparative regulatory analysis, and financing that supports the development of a sophisticated, evidence-based framework. The IDB has supported similar regulatory development processes in other Caribbean nations and has the regional knowledge to help T&T navigate the specific governance challenges of small island developing states.
From Policy to Practice: What T&T Should Do in 2026
The governance agenda for T&T in 2026 should focus on three concrete steps. First, an AI audit of existing government AI use: before regulating the private sector, the Government of T&T should identify and assess all AI systems currently used in public administration — benefits determination, tax compliance, law enforcement, health services. This audit would identify immediate governance gaps and establish the Government's own accountability for AI fairness.
Second, targeted legislative amendments: rather than waiting for comprehensive AI legislation, T&T can address the most urgent gaps through targeted amendments to the Data Protection Act (adding algorithmic decision-making transparency requirements and individual rights to explanation), to employment law (prohibiting discriminatory AI in hiring), and through new deepfake-specific provisions in criminal law.
Third, active engagement in regional and international forums: T&T should seek membership on the OECD's AI Policy Observatory advisory bodies, actively participate in UNESCO's AI Ethics Recommendation implementation network, and table AI governance as a formal CARICOM agenda item in 2026. Each of these moves builds T&T's international profile as a serious AI governance actor while advancing national interests.
Is Your Organisation AI Governance-Ready?
StarApple AI helps T&T organisations understand AI governance requirements, assess their AI risk exposure, and build responsible AI frameworks that comply with emerging regulations. Contact us to get started.
Talk to StarApple AIFrequently Asked Questions
What is the EU AI Act and does it affect T&T?
The EU AI Act is the world's first comprehensive AI regulation, classifying AI systems by risk level. While it directly applies to EU markets, it affects T&T in two ways: T&T companies exporting AI-enabled services to EU markets must comply, and the Act is establishing global norms that T&T's own AI governance framework should reference and learn from.
How does T&T's Data Protection Act provide a foundation for AI governance?
The Data Protection Act 2011 establishes principles of purpose limitation, data minimisation, and data subject rights that directly apply to AI systems. Many AI governance requirements — transparency, fairness, accountability — are extensions of data protection principles. T&T's existing legal infrastructure is a stronger starting point than most CARICOM nations.
What AI-specific harms should T&T citizens be protected from?
T&T citizens face risks from AI discrimination in employment, lending, and insurance; deepfake-enabled fraud and harassment; AI-powered surveillance without transparency; and automated decisions that affect citizens without meaningful explanation or appeal rights. Targeted legislation is needed to address each of these categories.
Why should T&T lead CARICOM AI governance rather than follow?
T&T's GDP per capita, institutional capacity, and position as CARICOM's largest economy give it both the resources and the responsibility to lead. Just as T&T has historically led CARICOM trade and energy integration, it should take the lead in digital governance — setting standards that protect all CARICOM citizens while enabling regional AI economic development.
What is the IDB doing for Caribbean digital governance?
The Inter-American Development Bank has an active digital economy programme for Caribbean nations, providing technical assistance, research, and financing for digital infrastructure and governance. The IDB's Caribbean-specific work includes support for e-government, digital identity, and regulatory frameworks — all of which intersect with AI governance.
What would a CARICOM AI governance framework include?
A CARICOM AI governance framework would establish regional standards for AI transparency, fairness, accountability, and safety. It would include rules on high-risk AI applications, requirements for AI system auditing, data protection standards, and dispute resolution mechanisms — creating a coherent regional approach rather than 15 divergent national approaches.
About AI Trinidad & Tobago
AI Trinidad & Tobago is a project of StarApple AI, led by Caribbean technology strategist Adrian Dunkley. Our mission is to make artificial intelligence accessible, understandable, and actionable for businesses, professionals, and communities across Trinidad & Tobago and the wider Caribbean. We publish practical AI guides, sector-specific analysis, and strategic insights tailored to the T&T context.