Region: European Union

In a move that was broadly welcomed by industry and civil society, a political agreement has been adopted by European Parliament committees working on the AI Act, opening the door to a full vote expected for June.

11 May 2023

Two MEPs have set out an aspirational timeline for the EU’s landmark AI legislation project, and addressed questions over high-risk AI systems and how it intends to regulate them.

10 May 2023

Two MEPs leading a report into member states’ use of spyware have redoubled their criticism of the European institutions, alleging a chronic lack of action in addressing the abuse of Pegasus and similar technologies.

09 May 2023

An ECJ advocate-general has said car manufacturers are obliged to share vehicle identification numbers with third parties despite the information being classified as personal data.

09 May 2023

The European Court of Justice has rejected any need for a seriousness threshold for GDPR non-material damages, in a ruling that departed from an earlier opinion which could have shot down such claims across the EU.

04 May 2023

A failure to complete records of processing activities and joint controllership arrangements does not mean data processing is unlawful, the European Court of Justice has held.

04 May 2023

The explosion in popularity of new generative AI models has been matched by swift regulatory action – at least in some quarters. But as authorities try to hit the moving target of large language models’ capabilities, it remains to be seen how new restrictions will affect the overall development of consumer AI tools.

03 May 2023

The end of Andrea Jelinek’s term as chair of the European Data Protection Board is drawing near. She tells GDR about the one-stop-shop, progress on the Trans-Atlantic Data Privacy Framework, and harmonisation of member states’ national procedural laws.

02 May 2023

As Ireland’s decision on Meta data transfers looms, the European Data Protection Supervisor has expressed optimism about the new proposed framework for EU-US data transfers.

27 April 2023

A European Court of Justice advocate-general has said German regulators do not have to identify responsible individuals in order to fine companies – but said penalties can only be issued if companies acted intentionally or negligently.

27 April 2023