Feature
-
Artificial Intelligence (AI) and GDPR
Artificial Intelligence (AI) systems, particularly generative AI, often process vast amounts of data that frequently includes personal data. This brings them within the scope of the General Data Protection Regulation (GDPR), triggering significant privacy and data protection concerns. GDPR is technology-neutral, so while AI is not specifically referenced in the GDPR, this does not change…
-
Council of Europe Framework Convention on Artificial Intelligence Signed on Behalf of EU
On 5 September 2024, the European Commission signed the Council of Europe Framework Convention on Artificial Intelligence on behalf of the European Union. This was the culmination of negotiations that began in September 2022 under the aegis of the Committee on AI (CAI) established by the Council of Europe in Strasbourg.
-
Guide to AI Act Literacy Requirements
Artificial Intelligence, or AI, is a technology that enables machinery to think and solve problems in a human like way. The EU’s Artificial Intelligence Act (the AI Act) establishes a legal framework to ensure appropriate AI use that respects our fundamental rights. The Act entered into force on 1 August 2024, and much like the…
-
AI Guidance for the Board
The following is a template guide that you can use in your practice as a Data Protection Officer or practitioner.
-
NOYB lodges 11 EU Complaints About How Personal Data will be Used for AI at Meta
On 6 June 2024, advocacy group NOYB (None of Your Business) filed complaints against Meta with the Austrian, Belgian, French, German, Greek, Italian, Irish, Dutch, Norwegian, Polish, and Spanish data protection supervisory authorities. This is as a result of changes to Meta’s data protection policy that come into force on 26 June 2024 concerning how…
-
AI Driven Dark Patterns: What does the Future Hold?
The rapid development of generative AI (artificial intelligence) shines a spotlight on the increasing and immediate importance of addressing ethical and privacy concerns associated with the use of these technologies in various fields. Data protection conferences over the past year have consistently highlighted AI’s growing presence in the data protection and privacy arenas and the…
-
Navigating the Crossroads: Striking a Balance Between Fintech Innovation and EU Consumer Protection in the Era of AI
The European Court of Justice’s (ECJ) landmark decision in Case C-634/21 (December 2023) has reignited the debate on the role of Artificial Intelligence (AI) in credit scoring within the Fintech sector. The Court’s ruling held that a credit reference agency (in this case, SCHUFA) engages in automated individual decision-making when it creates credit repayment probability…
-
EU AI Act – Will I need to conduct a Data Protection Impact Assessment? What about a Fundamental Rights Impact Assessment?
Essentially, a Data Protection Impact Assessment (DPIA) is mandatory when the processing of personal data is, “likely to result in a high risk to the rights and freedoms of natural persons”. In the context of the AI Act, a DPIA will also need to be conducted by deployers in respect of the use of high-risk…
-
Data Protection – The Year Ahead
In the ever-changing landscape of data protection, every year is a busy year for data protection professionals and 2024 will certainly be no exception. I would expect the following topics to be keeping us all busy in the coming twelve months.
-
EDPB Adopts Report on the Designation and Position of Data Protection Officers
In 2023, the European Data Protection Board (EDPB) launched a coordinated enforcement action under the Coordinated Enforcement Framework (CEF), which focused on the designation and position of Data Protection Officers. Data Protection Authorities (DPAs) across the EEA took part in the action.