The Artificial Intelligence Act (AI Act) is the first comprehensive legislation that intends to regulate AI horizontally across all sectors in Europe. It will have far reaching consequences on all companies developing, implementing, or using AI solutions in the EU and beyond. These FAQs provide key information you should know before the AI Act is adopted, and some tips on what you can already be doing to prepare. To learn more, click here to read Wilson Sonsini’s updated FAQs.”Continue Reading Updated: 10 Things You Should Know About the EU Artificial Intelligence Act

On April 3, 2024, the UK Information Commissioner’s Office (ICO) released a statement setting out its priorities for protecting children’s privacy online. The priorities reflect the ICO’s strategy for the next phase of implementing its Children’s code of practice (also known as the “AADC”) and signal a focus by the regulator on the operations of social media and video-sharing platforms (platforms). The ICO will look at platforms’ default settings for children’s profiles, recommender systems and how they obtain consent to the processing of children’s data. The statement also indicates that the ICO will conduct audits of EdTech providers to identify privacy risks and potential noncompliance with applicable legislation.Continue Reading UK Privacy Regulator Details Next Stages of Its Strategy to Protect Children Online

On February 28, 2024, the UK’s Information Commissioner (commissioner) confirmed that the regulator’s focus areas in 2024 will include artificial intelligence (AI), cookies, biometrics, and children’s privacy.Continue Reading UK Privacy Regulator to Focus on AI, Cookies, Biometrics, and Children’s Privacy, and Consult on “Consent or Pay” Models

On December 8, 2023, the EU finally agreed on the world’s first comprehensive legal framework on AI: the AI Act. EU lawmakers reached a political agreement on a series of controversial issues after record-long negotiations. They are expected to formally adopt the agreed text within the next couple of months. If adopted, the AI Act will ban certain AI systems, regulate general purpose AI (GPAI), impose heavy obligations on high-risk AI systems, subject to high fines, and support innovation through regulatory “sandboxes.” The AI Act will have an extraterritorial reach. Being the first law of its kind globally, the AI Act has the potential to establish a benchmark for AI regulation in other regions, just as the EU General Data Protection Regulation (GDPR) has accomplished.Continue Reading EU Lawmakers Reach Political Agreement on the AI Act

The Online Safety Bill (OSB or Bill) passed its final reading in the UK’s Parliament in September 2023. The Bill will become law in the coming weeks, ushering in a new era for the regulation of digital services in the UK. Online platforms and search services that fall within the scope of the legislation will be subject to proactive content risk assessment and mitigation duties oriented at protecting users, regardless of where those services are established. The Bill has attracted considerable media attention due to its anticipated impact on the operation of online services in the UK, as well as the potential for it to interfere with freedom of speech.Continue Reading Flagship Online Safety Bill Moves Closer to Enactment in the UK: Who Will Be in Scope and What Will It Require?

On September 21, 2023, the UK Government announced the establishment of the “UK-US data bridge” (the Bridge), also known as the UK Extension to the EU-U.S. Data Privacy Framework (the DPF). The announcement promises to simplify compliance issues surrounding the transfer of personal data from the UK to the U.S.Continue Reading UK-U.S. Data Bridge Commencement Date Announced

On July 10, 2023, the European Commission (EC) adopted an adequacy decision in relation to the EU-U.S. Data Privacy Framework (DPF). This paves the way for organizations to certify to the DPF, reducing friction for transfers of personal data from the EU to the U.S., and allowing companies to simplify their compliance with EU data flow restrictions. It thus represents a major development in the regulation of data flows from the EU to the U.S.Continue Reading EU and U.S. Finalize Data Privacy Framework: Here’s How to Get Certified