GDPR role, how to determine? The French privacy regulator CNIL reviews the criteria and practical consequences of determining the GDPR role of data controllers and processors. The qualification does not always depend on a contractual choice but on the facts: who decides what, and who executes what, concerning personal data. The controller is the natural […]
Tag: Artificial Intelligence
Explore advancements, ethical considerations, and regulatory requirements in Artificial Intelligence (AI) technology, focusing on compliance with data privacy laws and responsible AI deployment. Learn more about AI ethics and compliance services offered by TechGDPR. This includes managed compliance for the new AI Act.
Explore advancements, ethical considerations, and regulatory requirements in Artificial Intelligence (AI) technology, focusing on compliance with data privacy laws and responsible AI deployment. Learn more about AI ethics and compliance services offered by TechGDPR. This includes managed compliance for the new AI Act.
AI and the GDPR: Understanding the Foundations of Compliance
Artificial intelligence (AI) is a fast evolving group of technologies which presents both great benefits and risks. Ensuring that these technologies align with data protection laws is not just a matter of best practice; it’s a legal necessity. It is arguably the most comprehensive data protection framework in the world, the General Data Protection Regulation […]
Data protection digest 17 May – 1 June 2025: The ‘reject all’ button is a must; legitimate interest as the data controller’s initiative
‘Reject all’ button The State Commissioner for Data Protection of Lower Saxony has ruled that the “Reject all” button is a must on the first level of the consent banner for cookie preferences when an “Accept all” option is available. Consent banners may not specifically encourage consent and discourage the rejection of cookies. Otherwise, the […]
Comparing the UK and EU’s framework on facial recognition technology
As advancements in technology affect all areas in our lives, law enforcement agencies and private companies are also testing the use of artificial intelligence (AI) for the purpose of public safety. Advanced Remote Biometric Identification (RBI), specifically in the form of Facial Recognition Technology (FRT), are currently at the centre of discussion. RBI refers to […]
AI Age Verification: Big Tech’s Risky Fix for GDPR Violations
One-third of GDPR fines being related to the misuse of children’s data. Big tech companies are yet to implement appropriate measures to safeguard them. In response, major platforms like Google and TikTok are planning to use AI age verification to deduce the age of their users. This is done by deducing their age based on […]
Data protection digest 3-17 Mar 2025: Combining FRIA with DPIA is possible, but not once the development of an AI system has begun
FRIA and DPIA: Before deploying a high-risk AI system, the organisations shall assess the impact that the use of such a system may have on fundamental rights, explains the Croatian data protection regulator AZOP. For this purpose, private and public entities shall carry out an assessment containing: If both a FRIA and a DPIA need […]
Self-Hosting AI: For Privacy, Compliance, and Cost Efficiency
Self-hosting AI models is the future of privacy and compliance. By hosting AI models on personal hardware, individuals and businesses can improve data security while meeting strict regulations like the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA). Most people use hosted artificial intelligence (AI) services such as ChatGPT […]
Data protection digest 1-15 Feb 2025: an employer can’t track alleged ‘inactivity’ of workers via screengrabs and constant video monitoring
Constant video monitoring and screengrabs at work A company that used software designed to account for times of alleged “inactivity” and grabbed frequent photos of its employees’ computer screens was fined 40,000 euros by the French data protection regulator CNIL. The staff members were also continuously videotaped, both visually and audibly. In particular, the company […]
Data protection digest 16-30 Jan 2025: The intersection of information and operational technologies in the health sector
EU Health sector The Commission presented an EU Action Plan to improve health sector cybersecurity. It will include hospitals, clinics, care homes, rehabilitation centres, various healthcare providers, the pharmaceutical, medical and biotechnology industries, medical device manufacturers, and health research institutions. A significant challenge for the cybersecurity of the health sector is the intersection of information […]
Data protection digest 1-15 Jan 2025: mobile app permissions should work in conjunction with consent requirements – CNIL
Mobile app permissions Technical permissions in mobile app are very useful for privacy, explains the French regulator CNIL. They allow users to block access to certain data technically. However, these permissions are not designed to validate users’ consent, within the meaning of the GDPR. Even when consent is required, a simple request for permission does […]
- 1
- 2
- 3
- …
- 7
- Next Page »
Do you need support on data protection, privacy or GDPR? TechGDPR can help.
Request your free consultation