In a decisive move early on July 1, the U.S. Senate voted 99–1 to pass an amended version of the One Big Beautiful Bill (OBBBA), stripping out a controversial provision that would have blocked state-level regulation of artificial intelligence. The amendment, introduced by Sen. Marsha Blackburn (R-TN), eliminated a proposed 10-year moratorium that had tied state compliance to access to federal funds.

The French data protection authority (CNIL) published two new practical fact sheets designed to help actors developing AI systems to comply with the GDPR. The CNIL shares its recommendations on the use of legitimate interest as a legal basis for the development of AI systems and focuses on the collection of data through web scraping.  

The European Commission has launched a public consultation on high-risk AI systems, seeking stakeholder insights to clarify classifications, obligations, and governance under the EU AI Act. Open until 18 July 2025—contribute to shaping future AI regulation in Europe.

The Commission Nationale de l’Informatique et des Libertés (CNIL), the French data protection authority, recently published two recommendations to support innovation in the field of artificial intelligence (AI) in accordance with the General Data Protection Regulation (GDPR). It adopts a didactic approach, issuing recommendations, best practice and explanations on how to apply the principles of the GDPR in the context of AI.

The global AI regulatory landscape is undergoing significant changes, with governments adopting divergent approaches to artificial intelligence governance. In Asia, North America, and Europe, policymakers are setting new standards that could reshape the future of AI development and deployment.

In a decision rendered on 30 December, 2024, the Conseil d’État (Council of State) dismissed the appeal made by four associations against Decree 2023-283 on the use of drones by law enforcement agencies.  The Conseil d’État has reversed its position and authorised law enforcement agencies to use drones.  It stated that the existing legal framework guaranteed compliance with the requirements for the protection of personal data and privacy as laid down by national and European law.

The United States’ Intelligence Community1 (IC) has released Interim Guidance about the acquisition and use of foundation AI models (FMs).  This guidance has been provided by inter-agency lawyers and concerns the application of AG guidelines and policies to the IC’s acquisition and use of FMs. As well as clearly suggesting that IC elements will use FMs for intelligence purposes, the document provides additional guidance concerning model acquisition, modification, augmentation, prompts and outputs.

The Information Commissioner’s Office (ICO) has published its final response to the public consultation on the application of UK data protection law to generative AI (GAI). The response marks the culmination of an extensive consultation process aimed at clarifying key data protection principles in the context of generative AI systems.

In October 2024 the International Enforcement Cooperation Working Group (IECWG) from the Global Privacy Agency(GPA) issued a Concluding Joint Statement on data scraping and the protection of privacy. It completes the Initial Joint Statement on data scraping and the protection of privacy published in August 2023. It contains three objectives: firstly, to outline the key privacy risks associated with data scraping; secondly, to set out how Social Media Companies (SMCs) and other organisations should protect individual personal information; and thirdly, to set out measures that individuals can take to protect their personal data. 

The European Commission’s Artificial Intelligence (AI) office has initiated a targeted consultation with stakeholders on guidelines for defining AI systems and applying prohibitions on certain high-risk AI practices, as outlined in the EU AI Act. This consultation represents a significant step in preparing for the implementation of these provisions, which will come into effect on 2 February 2025, six months after the AI Act’s entry into force. The guidelines are expected to be finalised and published in early 2025, providing practical assistance to businesses, regulators, and other stakeholders in meeting their obligations under the Act.

The Chair AI-Regulation announces the participation of its two research fellows, Cornelia Kutterer and Dr. Theodoros Karathanasis, as plenary experts to the European Commission (EC) consultation on a Code of Practice (CoP) for providers of General-Purpose Artificial Intelligence (GPAI) models. 

The Chair AI Regulation (MIAI) shares the two first interim notes published on the 25 June and the 2 October 2024 by the French and independent think tank, Renaissance Numerique. The interim notes are based on the discussions held during the AI Dialogues, launched by Renaissance Numerique on 5 April, to which the Chair AI Regulation (MIAI) contributes as an academic partner.