- Topics
- Regions
- Events
- Webcasts
- Resources
- CW Exclusives
- Membership
“For tracking litigation, enforcement, and regulatory developments, Compliance Week
should be your prime source.”- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
EDPB shift forces AI firms to embed procurement, risk management in GDPR considerations
By 
Neil Hodge2025-02-03T12:00:00
Efforts to clarify the circumstances in which artificial intelligence models may or may not be violating the General Data Protection Regulation (GDPR) could result in yet more confusion for tech firms, companies deploying the technology, and even data protection authorities (DPAs), according to experts.
Additionally, they warn that the recent opinion on AI models issued by the European Data Protection Board (EDPB), the EU’s top regulator for GDPR decisions, could stifle technology innovation throughout Europe as data regulators make increasingly divergent interpretations about what constitutes the safe and legal use of people’s personal information and online data.
In December, the EDPB outlined when and how AI models can be considered anonymous, what constitutes “legitimate interest” when developing AI models, and what should happen if an AI model is developed using personal data that was unlawfully accessed.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
PremiumEU AI Act next GDPR? Proof in the pudding as boardrooms prioritize data governance
Breaches of the EU’s GDPR can cost companies substantial sums and huge reputational damage. Now some are warning that the implementation of the EU’s AI Act will be just as far-reaching, and could potentially lead to similar numbers of cases.
-
PremiumGood AI governance starts with proactive, continuous risk assessments
Data governance has become a key concern for companies, especially when the EU AI Act and General Data Protection Regulation have put a premium on handling data responsibly and ensuring that artificial intelligence does not cause harm.
-
PremiumPace of innovation will make EU AI Act hard to enforce, experts say
Concerns about how robustly European member states may enforce the EU AI Act, which took effect on Aug. 1, are divided between if regulators will take a “light touch” approach or a sledgehammer for noncompliance. One thing’s for sure, the pace of AI innovation will make enforcement very difficult.
More from Technology
-
News BriefWhite House, BIS attempt to strengthen AI chip export controls in final days of Biden presidency
In tandem with the Commerce Department’s Bureau of Industry and Security, the Biden administration issued a new rule on export controls of domestically produced artificial intelligence chips.
-
PremiumData analytics in compliance: Time to get started, or expand, in 2025
Launching or expanding a corporate data analytics program for compliance can seem like a daunting task, but it is one worth adding to your to-do list in 2025.
-
PremiumHow compliance monitoring can create a stronger foundation for AI, emerging technologies
The era of artificial intelligence adoption is testing the old ways of doing compliance, underscoring the need for continuous monitoring. Compliance isn’t a one-and-done activity, but sometimes organizational incentives and goals fail to prioritize the importance of this.