Tips For Orgs Facing AI Data Privacy Compliance Challenges

Eduardo Ustaran, Alyssa Golay, and Mark Brennan have authored an Expert Insights article for Law360 covering the intersection of AI and existing privacy frameworks.

In recent months, U.S. regulators have been emphasizing that there is no artificial intelligence exemption to existing law.[1]

It is clear that AI, machine learning and automation issues are front and center for the Federal Trade Commission as these topics took center stage at the commission's eighth annual PrivacyCon, held on 6 March.[2]

On the Hill, the U.S. House of Representatives launched a bipartisan task force on AI on 20 Feb. that will draft a comprehensive report that includes guiding principles, forward-looking recommendations, and policy proposals regarding AI.[3]

And in Europe, while the European Data Protection Board continues to consider the privacy aspects of generative AI, the U.K. Information Commissioner's Office has launched a consultation series on generative AI and data protection that will be used to update their guidance on AI products.[4] The second chapter of this series — "Purpose limitation in the generative AI life cycle" — closes on 12 April.[5]

Regulators around the world have been actively seeking to enforce data privacy and consumer protection laws against companies providing AI-related services, focusing on key areas such as transparency, data minimization, lawfulness of processing, data subject rights and higher risk activities such as automated decision making.

The way in which AI technologies are being rapidly developed and implemented globally raises complex questions in relation to these areas and creates practical challenges for organizations seeking to comply with existing data privacy frameworks.

Read here

Back To Listing