The European Commission has published draft guidelines (Draft Guidelines) to clarify the classification of high-risk AI systems under the European Union’s Artificial Intelligence Act (EU AI Act). This classification is crucial, as it determines whether an AI system will be subject to the EU AI Act’s most burdensome obligations. The Draft Guidelines provide general principles which inform if an AI system is high-risk, as well as a non-exhaustive list of examples of high-risk AI systems across various sectors. Organizations can provide feedback on the Draft Guidelines via this survey until June 23, 2026.
Continue Reading Draft Guidelines Clarify Which AI Systems Are “High-Risk” Under EU AI ActRossana Fol
EU Court Upholds the Validity of the EU-U.S. Data Privacy Framework
By Cédric Burton, Rossana Fol & Hattie Watson on
On September 3, 2025, the EU General Court (the General Court) (the second-highest court in the European Union (EU)) upheld the validity of EU-U.S. Data Privacy Framework (DPF) in Philippe Latombe v European Commission (T-553/23).…
Continue Reading EU Court Upholds the Validity of the EU-U.S. Data Privacy FrameworkEU Commission Issues Guidelines on Prohibited AI Practices Under EU AI Act
By Laura De Boel, Maneesha Mithal, Christopher Olsen, Rossana Fol, Roberto Yunquera Sehwani & Karol Piwonski on
Posted in Cybersecurity
On February 4, 2025, the European Commission (EC) issued draft guidelines clarifying the AI practices that are prohibited under the European Union’s (EU) Artificial Intelligence (AI) Act. While non-binding, the guidelines offer valuable clarifications and practical examples to help businesses navigate their obligations under the AI Act. The EC has approved the draft guidelines, but is still to formally adopt them, which is expected in the near term.
Continue Reading EU Commission Issues Guidelines on Prohibited AI Practices Under EU AI ActEU Court Awards Damages for Breach of EU Data Transfer Rules
Posted in Litigation
On January 8, 2025, the second highest court of the European Union (EU), the General Court of the Court of Justice of the EU (the Court), ordered (in Bindl v European Commission, Case T-354/22) the European Commission (EC) to pay EUR 400 in damages to an individual for transferring their personal data to the U.S. without having implemented a data transfer mechanism under EU law.
Continue Reading EU Court Awards Damages for Breach of EU Data Transfer RulesEU Privacy Regulators Confirm That Legitimate Interest Is a Valid Legal Basis for AI Model Training and Deployment
Posted in European Union, Privacy
On December 18, 2024, the European Data Protection Board (EDPB) published its much-anticipated Opinion on the processing of personal data in the context of AI models in light of the EU General Data Protection Regulation (GDPR).
Continue Reading EU Privacy Regulators Confirm That Legitimate Interest Is a Valid Legal Basis for AI Model Training and DeploymentEU AI Act to Enter into Force in August
Posted in Privacy
On July 12, 2024, the European Union’s (EU) Artificial Intelligence Act (AI Act) was published in the Official Journal of the EU. This was the last step for the AI Act to become law. The AI Act will enter into force 20 days after the publication, i.e., on August 1.
Continue Reading EU AI Act to Enter into Force in AugustUpdated: 10 Things You Should Know About the EU Artificial Intelligence Act
By Cédric Burton, Laura De Boel, Nikolaos Theodorakis, Roberto Yunquera Sehwani, Yann Padova, Karol Piwonski & Rossana Fol on
Posted in European Union, Privacy
The Artificial Intelligence Act (AI Act) is the first comprehensive legislation that intends to regulate AI horizontally across all sectors in Europe. It will have far reaching consequences on all companies developing, implementing, or using AI solutions in the EU and beyond. These FAQs provide key information you should know before the AI Act is adopted, and some tips on what you can already be doing to prepare. To learn more, click here to read Wilson Sonsini’s updated FAQs.”
Continue Reading Updated: 10 Things You Should Know About the EU Artificial Intelligence Act