After years of intense negotiation, EU stakeholders have finally reached political agreement on the long-awaited EU Artificial Intelligence Act (“EU AI Act“), which was first published by the European Commission (“EC“) on 21 April 2021. Following the final trilogues, the Council of the EU released the

Continue Reading Fundamental Rights Impact Assessments under the EU AI Act: Who, what and how?

With great fanfare, and a Herculean final series of negotiating sessions stretching long into the night, political agreement on the EU AI Act was reached on 8th December 2023. This marked a big step closer to the first major piece of legislation regulating AI and its uses coming in

Continue Reading EU AI Act Update – Political Agreement Reached!

Synthetic data is a subject (at least for the uninitiated) encircled in a layer of scepticism and uncertainty. While synthetic data has existed for some time, the manner in which it is being utilised has evolved substantially. As with all novel implementations of technology, there are always teething problems and

Continue Reading In defence of synthetic data: how synthetic data can be used as a privacy-enhancing technique during the early stages of an AI system’s lifecycle 

Data is often the fuel that powers AI used by organisations. It tailors search parameters, spots behavioural trends, and predicts future possible outcomes (to highlight a just a few uses). In response, many of these organisations seek to accumulate and use as much data as possible, in order to make

Continue Reading Keeping an ‘AI’ on your data: UK data regulator recommends lawful methods of using personal information and artificial intelligence

In its proposed AI Regulation (“AI Act”), the EU recognises AI as one of the most important technologies of the 21st century. It is often forgotten, however, that AI is not one specific type of technology. Instead, it is an umbrella term for a range of technologies

Continue Reading Data protection regulators publish myth-busting guidance on machine learning

As the tech world continues to discuss the future of AI regulation, it is important to remember that there are already robust legal regimes that impact the development and launch of AI systems, including the General Data Protection Regulation (the “GDPR”). AI systems which fall within the GDPR’s

Continue Reading Data Protection Impact Assessments meet AI: Smart questions for building compliant AI systems that use personal data

By: Carol A. F. Umhoefer and Andrew Serwin

The Schrems II decision of the Court of Justice of the European Union (CJEU), rendered on  July 16, 2020, invalidated the EU-US Privacy Shield and created new obligations, notably for businesses transferring personal data pursuant to standard contractual clauses (SCC). On November
Continue Reading Schrems II: European Data Protection Board issues recommendations on supplementary measures for transfers of personal data to the US

by Jim Halpert, Andrew A. Kingman and Andrew Serwin

As the business community takes stock of the 2020 election results, it should place particular significance on the passage of Proposition 24, the California Privacy Rights Act (CPRA), by about a 12 percent margin. The CPRA makes significant changes to
Continue Reading California ballot initiative passes, significantly altering the California Consumer Privacy Act

by: Victoria Lee and Andrew Serwin

In the latest episode of DLA Piper’s Beyond the Curve podcast, Victoria Lee, co-chair of the firm’s global Technology sector, talks with Andrew Serwin, US chair and global co-chair of DLA Piper’s Cybersecurity and Data Protection, Privacy and Security practices, about the recent Schrems
Continue Reading Beyond the Curve podcast: Impact of the Schrems II decision