Part 1: 5 Essential safeguards for website operators

In the rapidly evolving world of artificial intelligence, data scraping is a hot topic. The copying of online text, images and videos has beneficial use cases (e.g. training AI models for more accurate fraud detection or collecting contact details of business representatives

Continue Reading Navigating the legal intricacies of scraping personal data for AI development

It’s fair to say that Aotearoa New Zealand’s approach to regulation (and empowerment) of the rapid adoption of AI-enabled solutions has been conspicuous in its absence to date. New Zealand’s Privacy Commissioner is the only regulator to have released substantive guidance for businesses adopting AI-enabled solutions (see our thoughts on

Continue Reading From Innovation to Implementation: Regulating AI in Aotearoa New Zealand

After years of intense negotiation, EU stakeholders have finally reached political agreement on the long-awaited EU Artificial Intelligence Act (“EU AI Act“), which was first published by the European Commission (“EC“) on 21 April 2021. Following the final trilogues, the Council of the EU released the

Continue Reading Fundamental Rights Impact Assessments under the EU AI Act: Who, what and how?

With great fanfare, and a Herculean final series of negotiating sessions stretching long into the night, political agreement on the EU AI Act was reached on 8th December 2023. This marked a big step closer to the first major piece of legislation regulating AI and its uses coming in

Continue Reading EU AI Act Update – Political Agreement Reached!

Synthetic data is a subject (at least for the uninitiated) encircled in a layer of scepticism and uncertainty. While synthetic data has existed for some time, the manner in which it is being utilised has evolved substantially. As with all novel implementations of technology, there are always teething problems and

Continue Reading In defence of synthetic data: how synthetic data can be used as a privacy-enhancing technique during the early stages of an AI system’s lifecycle 

Data is often the fuel that powers AI used by organisations. It tailors search parameters, spots behavioural trends, and predicts future possible outcomes (to highlight a just a few uses). In response, many of these organisations seek to accumulate and use as much data as possible, in order to make

Continue Reading Keeping an ‘AI’ on your data: UK data regulator recommends lawful methods of using personal information and artificial intelligence

In its proposed AI Regulation (“AI Act”), the EU recognises AI as one of the most important technologies of the 21st century. It is often forgotten, however, that AI is not one specific type of technology. Instead, it is an umbrella term for a range of technologies

Continue Reading Data protection regulators publish myth-busting guidance on machine learning

As the tech world continues to discuss the future of AI regulation, it is important to remember that there are already robust legal regimes that impact the development and launch of AI systems, including the General Data Protection Regulation (the “GDPR”). AI systems which fall within the GDPR’s

Continue Reading Data Protection Impact Assessments meet AI: Smart questions for building compliant AI systems that use personal data

By: Carol A. F. Umhoefer and Andrew Serwin

The Schrems II decision of the Court of Justice of the European Union (CJEU), rendered on  July 16, 2020, invalidated the EU-US Privacy Shield and created new obligations, notably for businesses transferring personal data pursuant to standard contractual clauses (SCC). On November
Continue Reading Schrems II: European Data Protection Board issues recommendations on supplementary measures for transfers of personal data to the US