CNIL Reinforces GDPR Principles to Support Responsible AI Innovation
With the advent of artificial intelligence, the Commission Nationale de l’Informatique et des Libertés (CNIL) continues to ensure that AI advancements align with GDPR principles while promoting innovation. For data protection professionals and privacy experts, understanding these norms is crucial as they navigate the complexities of AI systems while safeguarding data privacy. Essence of the […]
Debunking AI and Data Protection Myths: A Guide for Privacy Experts
The Information Commissioner’s Office ICO has taken a pivotal role in the landscape of artificial intelligence AI by dispelling common myths related to data protection. With AI’s potential to drive innovation and growth, particularly in the UK, data protection remains a critical area aligning with evolving technologies. Understanding Common Myths Myth 1: Lack of Control […]
Cooperation Between Data Protection and Competition Law: A Strategic Perspective
In today’s rapidly evolving business environment, the intersection of data protection and competition law is increasingly relevant. This dynamic interplay is essential for data protection professionals and privacy experts to grasp, given the expanding role of personal data as a key business asset. The European Data Protection Board (EDPB) highlights the necessity for both sets […]
GDPR Non-compliance: TikTok and Temu Face Legal Scrutiny over Data Transfers to China
As data protection professionals, staying abreast of legal challenges and compliance cases is crucial in navigating the complexities of global data privacy regulations. Recently, the privacy-focused organization ‘None of Your Business’ (noyb) filed major GDPR complaints against several companies, including TikTok and Temu, for alleged unlawful data transfers to China, underscoring the persistent challenge of […]
KASPR Sanctioned for Data Scraping Violations
The landscape of data protection is ever vigilant when it comes to adhering to the stringent demands of the General Data Protection Regulation GDPR. Recently, the French Supervisory Authority, CNIL, imposed a significant administrative fine of 200,000 euros on KASPR, a company known for its data scraping activities. This penalty underscores the critical importance of […]
Understanding Article 88 of GDPR in Employment Contexts
In December 2024, the Court of Justice of the European Union addressed significant questions regarding the applicability of Article 88 of the General Data Protection Regulation (GDPR) within employment contexts. This ruling has particular relevance for data protection professionals and privacy experts focusing on employment laws and the GDPR. Key Findings: – Article 88 Compliance: […]
The Implications of AI Social Scoring Under European AI Regulation
As AI systems become increasingly pervasive across various sectors, the European AI Regulation 2024/1689 takes a pivotal role in mitigating the inherent risks associated with AI technologies. Since August 2024, this regulation has been instrumental in establishing a risk-based framework governing the deployment of AI within the EU, culminating in the outright prohibition of certain […]
GDPR Compliance in Rail Transport: Gender Identity Data as Unnecessary
In a recent judgment concerning data protection in the rail sector, the Court of Justice examined the necessity of collecting gender identity data when purchasing transport tickets. This case, involving the French railway company SNCF Connect, highlights critical aspects of GDPR compliance and the principles of data minimization. Core Issues: The French data protection authority, […]
Understanding the UK GDPR in Generative AI Development
The complexities surrounding the application of the UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018 to generative AI technologies have led the UK Information Commissioner’s Office (ICO) to delve deeper through a 2024 five-part consultation series. Data protection professionals must navigate several pivotal areas highlighted by these consultations. Key […]
OpenAI and ChatGPT: Italian Data Protection Authority Concludes Investigation
In an evolving regulatory environment, the Italian Data Protection Authority (Garante per la protezione dei dati personali) has concluded its investigation into OpenAI’s ChatGPT service. This action highlights the critical focus on transparency and legal compliance in the sphere of artificial intelligence and data privacy. Significant Highlights for Data Protection Experts: – Legal Breaches: OpenAI […]