Who this is for: AI governance teams, data protection officers, ML engineers, and compliance practitioners at organizations that process sensitive personal data (race, ethnicity, health, religion, sexual orientation) to detect and correct bias in AI systems operating within EU jurisdiction.

Regulatory context: The EU AI Act Omnibus agreement (May 7, 2026) explicitly permits processing of special category data under Article 10(5) for bias detection and correction, subject to strict safeguards. This creates a new obligation: organizations must now prove that sensitive data was processed exclusively for bias purposes, with appropriate technical and organizational measures. This guide maps that obligation to SWT3 witness procedures.

Contents

1. The Bias Detection Evidence Problem 2. Legal Basis: EU AI Act Art. 10(5) and GDPR Art. 9 3. SWT3 Procedure Mapping 4. Clearing Level Guidance for Sensitive Data 5. Witnessing Workflow 6. What the Evidence Record Proves 7. GDPR Art. 9 Interplay 8. Common Pitfalls 9. References

1. The Bias Detection Evidence Problem

Before the Omnibus amendment, organizations faced a regulatory dilemma: the EU AI Act required bias testing for high-risk AI systems (Art. 10(2)(f)), but the GDPR restricted processing of sensitive personal data (Art. 9) that is necessary to measure demographic bias. Organizations that tested for racial or gender bias risked GDPR enforcement. Organizations that avoided sensitive data risked deploying biased systems.

The Omnibus resolves the legal basis question by explicitly permitting sensitive data processing for bias detection under Art. 10(5), subject to safeguards. But resolving the legal basis creates a new evidence problem: how do you prove that sensitive personal data was processed only for bias detection and not for any other purpose?

A log entry that says "processed ethnicity data" is not sufficient. An auditor needs to see:

SWT3 produces cryptographic witness anchors that record each of these elements as verifiable compliance artifacts.

EU AI Act

Article 10(5) -- Bias Detection Exception

The Omnibus amendment permits providers of high-risk AI systems to process special categories of personal data referred to in Article 9(1) of Regulation (EU) 2016/679 (GDPR) to the extent that it is strictly necessary for the purposes of ensuring bias detection and correction.

Required safeguards include:

GDPR

Article 9(2)(g) -- Substantial Public Interest

The GDPR permits processing of special category data when it is necessary for reasons of substantial public interest, on the basis of Union or Member State law. The EU AI Act Art. 10(5) serves as the Union law basis. This means Art. 10(5) and Art. 9(2)(g) operate together: the AI Act provides the legal basis, the GDPR provides the safeguard framework.

Organizations must still comply with GDPR principles: purpose limitation (Art. 5(1)(b)), data minimization (Art. 5(1)(c)), storage limitation (Art. 5(1)(e)), and accountability (Art. 5(2)). SWT3 witness anchors provide the accountability evidence.

3. SWT3 Procedure Mapping

Four SWT3 procedures directly address bias detection and sensitive data processing evidence requirements:

Procedure Purpose Factor Semantics Art. 10(5) Safeguard
AI-FAIR.1 Bias Detection factor_a = parity threshold (x1000), factor_b = measured ratio, factor_c = deviation Proves bias was measured against a defined standard
AI-FAIR.2 Fairness Metrics factor_a = fairness bound (x1000), factor_b = measured score, factor_c = deviation Proves pass/fail against quantitative fairness criteria
AI-FAIR.3 Demographic Parity Audit factor_a = audit frequency (days), factor_b = days since last audit, factor_c = categories audited Proves periodic auditing across protected categories
AI-DATA.4 Data Retention Compliance factor_a = records affected, factor_b = completion flag, factor_c = event type code Proves pseudonymization or deletion after bias processing
Why these four procedures together: AI-FAIR.1 and AI-FAIR.2 prove the bias measurement itself. AI-FAIR.3 proves the measurement is periodic and covers all relevant categories. AI-DATA.4 proves the sensitive data was disposed of after use. Together, they form a complete evidence chain from data ingestion through measurement through disposal.

4. Clearing Level Guidance for Sensitive Data

Sensitive personal data used for bias detection must be witnessed at Clearing Level 2 (Sensitive) or higher. This is not optional -- the data classification demands it.

Clearing Level Appropriate For What Is Recorded
CL0 -- Analytics Not appropriate for sensitive data processing Aggregate statistics only, no factor details
CL1 -- Standard Non-sensitive bias metrics (e.g., output distribution analysis without demographic data) Full factors, model identity, procedure
CL2 -- Sensitive Bias detection using special category data (Art. 10(5) processing) Full factors, restricted access, audit trail
CL3 -- Classified Cross-border bias audits involving multiple jurisdictions or regulatory escrow requirements Full factors, jurisdiction-aware escrow, structural proofs
Do not witness sensitive data bias audits at CL0 or CL1. If an auditor sees a bias detection witness anchor at CL0, the immediate question is: "If the data was sensitive enough to require Art. 10(5) authorization, why was the evidence record treated as analytics-grade?" The clearing level must match the data classification.

5. Witnessing Workflow

The bias detection witnessing workflow follows a four-step pattern that maps directly to the Art. 10(5) safeguards:

Step 1

Witness the Bias Measurement (AI-FAIR.1 or AI-FAIR.2)

When your bias detection pipeline runs, witness the measurement result. The witness anchor records the threshold, the measured value, and the deviation. This proves that bias was measured against a quantitative standard, not subjectively assessed.

For demographic parity: use AI-FAIR.1. For equalized odds, calibration, or custom fairness metrics: use AI-FAIR.2.

Step 2

Witness the Audit Scope (AI-FAIR.3)

Record which protected categories were audited and the audit frequency. This proves that bias detection covered all relevant demographic groups and was conducted on a defined schedule, not ad hoc. Factor_c records the number of categories audited -- an auditor can verify this against your documented protected categories list.

Step 3

Witness Data Disposal (AI-DATA.4)

After the bias measurement is complete, witness the pseudonymization or deletion of the sensitive data. Factor_c encodes the event type: pseudonymization (code 1), access restriction (code 2), or deletion (code 3). This proves that sensitive data was not retained beyond the bias detection purpose.

Step 4

Verify the Evidence Chain

The three witness anchors (measurement, scope, disposal) share a common cycle_id linking them to the same bias audit event. An auditor can verify the complete chain: data was ingested for a defined purpose, bias was measured against quantitative criteria, all relevant categories were covered, and the data was disposed of afterward.

6. What the Evidence Record Proves

When an auditor, Notified Body, or data protection authority reviews the witness record, the anchors answer the critical regulatory questions:

Regulatory Question Answered By Evidence
Was sensitive data processed for a lawful purpose? AI-FAIR.1 / AI-FAIR.2 Anchor procedure ID proves the processing was for bias detection, not inference or profiling
Was a quantitative standard applied? AI-FAIR.1 / AI-FAIR.2 Factor_a records the threshold; factor_b records the measurement; factor_c records deviation
Were all protected categories covered? AI-FAIR.3 Factor_c records the count of categories audited; audit frequency in factor_a
Was processing periodic, not one-time? AI-FAIR.3 Factor_a records required frequency; factor_b records days since last audit
Was the data disposed of after use? AI-DATA.4 Factor_c encodes disposal method; factor_a records records affected
Was the processing bounded in time? cycle_id chain All three anchors share a cycle_id proving they belong to the same bounded audit event
Can the evidence be independently verified? SHA-256 fingerprint Any party with the anchor can recompute the fingerprint and verify against the ledger

7. GDPR Art. 9 Interplay

7.1 Purpose Limitation (Art. 5(1)(b))

The GDPR requires that personal data be collected for specified, explicit, and legitimate purposes. The SWT3 witness procedure ID (AI-FAIR.1, AI-FAIR.2, AI-FAIR.3) cryptographically binds the processing to the bias detection purpose. If the same data were processed for an inference procedure (AI-INF.1), it would produce a different procedure ID in the anchor -- visible to any auditor.

7.2 Data Minimization (Art. 5(1)(c))

The AI-FAIR.3 factor_c (categories audited count) provides evidence that only the necessary demographic categories were processed. An organization auditing 5 protected categories when only 3 are relevant to its domain would need to justify the additional processing.

7.3 Storage Limitation (Art. 5(1)(e))

The AI-DATA.4 anchor proves that sensitive data was pseudonymized or deleted after the bias audit. The timestamp on the disposal anchor, compared to the measurement anchor, shows the retention duration. Short durations (minutes to hours) demonstrate compliance with storage limitation.

7.4 Accountability (Art. 5(2))

The entire witness chain -- measurement, scope, disposal -- constitutes the accountability record. It is tamper-evident (SHA-256 fingerprint), timestamped, and independently verifiable. This is the "demonstrate compliance" element that Art. 5(2) requires.

7.5 Data Protection Impact Assessment (Art. 35)

Processing sensitive data for bias detection likely triggers a DPIA obligation under GDPR Art. 35(3)(b) (processing of special categories on a large scale). The SWT3 witness record provides the technical measures evidence that the DPIA should reference. See the FRIA + DPIA Integration Guide for detailed evidence mapping.

8. Common Pitfalls

Pitfall 1

Witnessing Bias Detection at the Wrong Clearing Level

If your bias audit processes race, ethnicity, or health data, witness at CL2 or CL3. CL0 and CL1 are insufficient for special category data. A Notified Body will flag the mismatch.

Pitfall 2

Missing the Disposal Anchor

Witnessing the bias measurement without witnessing the data disposal leaves the evidence chain incomplete. The Art. 10(5) safeguard requires that sensitive data not be used for other purposes. Without AI-DATA.4, you cannot prove the data was removed.

Pitfall 3

One-Time Audits Without Periodicity Evidence

A single bias audit does not demonstrate ongoing compliance. AI-FAIR.3 records the audit frequency and days since last audit. If an auditor sees AI-FAIR.3 anchors months apart when the configured frequency is 30 days, the gap itself is evidence of non-compliance.

Pitfall 4

Conflating Bias Detection with Model Evaluation

Model accuracy testing (AI-INF.2) is not bias detection (AI-FAIR.1). An auditor asking "did you test for demographic bias?" will not accept inference performance anchors as evidence. Use the correct procedure for the correct purpose.

Pitfall 5

Assuming Art. 10(5) Eliminates GDPR Obligations

Art. 10(5) provides the legal basis for processing. It does not override GDPR principles, data subject rights, or the DPIA obligation. You still need purpose limitation, data minimization, storage limitation, and accountability -- the SWT3 witness chain provides the evidence for all four.

9. References

Related SWT3 Guides

Neutrality statement: Tenable Nova LLC is an independent evidence platform. It does not grant certifications, issue conformity assessments, or replace the professional judgment of a Notified Body or data protection authority. The mappings in this guide reflect the publisher's analysis of the regulatory text and may not address all obligations applicable to your organization. Consult qualified legal counsel before making compliance decisions based on this content.