On 29 March 2023, the UK Government (“Government”) published its long-awaited white paper (“Paper”), setting out the Government’s proposals to govern and regulate artificial Intelligence (“AI”). Headed “A Pro-Innovation Approach”, the Paper recognises the importance of building a framework that builds trust

Continue Reading One small step for machine: UK Information Commissioner publishes response to new AI White Paper

Synthetic data is a subject (at least for the uninitiated) encircled in a layer of scepticism and uncertainty. While synthetic data has existed for some time, the manner in which it is being utilised has evolved substantially. As with all novel implementations of technology, there are always teething problems and

Continue Reading In defence of synthetic data: how synthetic data can be used as a privacy-enhancing technique during the early stages of an AI system’s lifecycle 

Data is often the fuel that powers AI used by organisations. It tailors search parameters, spots behavioural trends, and predicts future possible outcomes (to highlight a just a few uses). In response, many of these organisations seek to accumulate and use as much data as possible, in order to make

Continue Reading Keeping an ‘AI’ on your data: UK data regulator recommends lawful methods of using personal information and artificial intelligence

In its proposed AI Regulation (“AI Act”), the EU recognises AI as one of the most important technologies of the 21st century. It is often forgotten, however, that AI is not one specific type of technology. Instead, it is an umbrella term for a range of technologies

Continue Reading Data protection regulators publish myth-busting guidance on machine learning

As the tech world continues to discuss the future of AI regulation, it is important to remember that there are already robust legal regimes that impact the development and launch of AI systems, including the General Data Protection Regulation (the “GDPR”). AI systems which fall within the GDPR’s

Continue Reading Data Protection Impact Assessments meet AI: Smart questions for building compliant AI systems that use personal data

Use of AI in healthcare continues to solidify itself as a solid practice for the benefit of patients and healthcare providers. No more than a cursory search of the subject provides a number of existing examples, such as cancer detection, of AI intervention in AI. In some cases, such
Continue Reading IFPMA issues principles encouraging ethical use of AI in healthcare

For the past few years, the UK Government (the “Government”) has grown to acknowledge that the increasing prevalence of AI within the public and private sector has led to the inescapable impact of its behaviour on the UK public. In many cases, this has been met with favour,
Continue Reading AI, algorithms, and accountability: UK government announces world-leading pilot on algorithmic impact assessments in healthcare

Since its inception 30 years ago, the Computer Misuse Act 1990 (CMA) has acted as the primary legislative sword and shield of the UK against a threatening, and ever-growing, cloud of cyber-enabled crime. It is no longer the case that those exploiting an organisation’s threat-vectors exist in dark basements wearing
Continue Reading A Blunted Sword and a Chipped Shield: A call for development to the Computer Misuse Act 1990

On 28 January 2021, the European Insurance and Occupational Pensions Authority (EIOPA) launched a public consultation on data access and sharing in the insurance industry. Data is a key industry asset, available in quantity and widely used – from risk identification to pricing. The increase of partnerships with technology vendors
Continue Reading Is Open Insurance at a turning point? EIOPA launches public consultation on data access and sharing

By: Carol A. F. Umhoefer and Andrew Serwin

The Schrems II decision of the Court of Justice of the European Union (CJEU), rendered on  July 16, 2020, invalidated the EU-US Privacy Shield and created new obligations, notably for businesses transferring personal data pursuant to standard contractual clauses (SCC). On November
Continue Reading Schrems II: European Data Protection Board issues recommendations on supplementary measures for transfers of personal data to the US