On September 10, 2024, the European Commission (EC) offices in charge of the enforcement of the Digital Markets Act (DMA) and the European Data Protection Board (EDPB)—the European body composed of all EU data protection regulators that oversees the consistent application of the General Data Protection Regulation (GDPR)—announced that they intend to provide guidance on the interplay between the DMA and GDPR.Continue Reading EU Agencies to Develop Guidance on the Interplay Between the DMA and GDPR
Mia Gal
French Data Protection Authority Publishes Recommendations on the Development of AI Systems: Seven Takeaways
On April 8, 2024, the French Data Protection Authority (CNIL) published recommendations on the development phase of artificial intelligence (AI) systems1 (Recommendations). They are the first set of recommendations designed to guide the various players in the AI ecosystem on how to apply the General Data Protection Regulation (GDPR) to the development of AI systems. The Recommendations are relevant to providers and users of AI systems who process personal data as part of the development of such systems, including fine-tuning already-existing AI systems.Continue Reading French Data Protection Authority Publishes Recommendations on the Development of AI Systems: Seven Takeaways
EU Court Opinion: Competition Authorities May Consider Data Protection Breaches in Their Investigations
On September 20, 2022, an adviser to the EU’s top court opined that competition authorities may consider a company’s compliance with the EU’s data protection rules as part of an abuse of dominance investigation.
In…
Continue Reading EU Court Opinion: Competition Authorities May Consider Data Protection Breaches in Their InvestigationsEuropean Union Adopts Flagship Digital Services Act
On October 27, 2022, the Digital Services Act (DSA) was published in the Official Journal of the European Union, sweeping in a new era in the regulation of digital services. (See Wilson Sonsini’s DSA…
Continue Reading European Union Adopts Flagship Digital Services ActIncreased Scrutiny for AI Systems and Draft AI Legislation in the EU
EU lawmakers are preparing a new Artificial Intelligence Act (AIA). Timing for adoption remains unclear, but once the AIA enters into force, it will impose strict obligations on providers and users of AI systems. In the meantime, EU regulators have started issuing fines against companies using AI systems on the basis of the EU General Data Protection Regulation (GDPR). For example, the Hungarian privacy regulator recently issued a fine of approximately $680,000 against a bank for non-compliance with GDPR rules in the context of its use of AI software to analyze customer service calls. To learn more about the upcoming legislation, please see Wilson Sonsini’s Fact Sheet below on the current draft AIA.
Continue Reading Increased Scrutiny for AI Systems and Draft AI Legislation in the EU