The purpose of this article is to explore the existing data portability rights under EU law, and assess the potential gaps among the GDPR, the DMA and the Data Act in the light of the new development of autonomous AI agents.
On May 16th, 2023, the French data control agency – Commission Nationale de l’Informatique et des Libertés (CNIL) – published an action plan aimed at ensuring respect for the privacy of people in relation to Artificial Intelligence (AI) systems and more specifically generative AI (e.g. Midjourney and ChatGPT from the company OpenAI). This action plan follows the 2017 CNIL’s first global approach on these new tools.
The European Consumer Organisation (BEUC) is calling ‘for EU and national authorities to launch an investigation into ChatGPT and similar chatbots’, following the filing of a complaint on March 30th, 2023, on the other side of the Atlantic by the Center for Artificial Intelligence and Digital Policy (CAIDP) in relation to ChatGPT-4.
Are you interested in the societal impacts and major legal issues posed by the development of Artificial Intelligence and new technologies, including the Metaverse? Do you have a PhD in legal studies (preferably digital law, intellectual property law or European/International/Human Rights law)? Are you ready to dive into the issues that concern protection of personal data and privacy, freedom of expression and other human rights in the era of AI? Do you have an open and curious mind?
On December 16, 2022, Katia Bouslimani successfully defended her PhD Thesis entitled “Consent in the General Data Protection Regulation (GDPR)” in front of a Jury composed of Professors Brunessen Bertrand, Gloria González Fuster, Celia Zolynski, Peter Swire and Jean-Michel Bruguière and the supervisors of the PhD Thesis Karine Bannelier and Theodore Christakis.
Data is the fuel of AI systems. Anonymisation has been presented as a panacea to protect personal data while enabling AI innovation. However, the growing efficiency of re-identification attacks on anonymised data raises a series of legal questions.
Due to the proliferation of “intelligent” video devices in public spaces, the French Data Protection Authority (CNIL) launched a public consultation on its draft position concerning the conditions for the deployment of so-called “smart” cameras in public spaces. Following several months of consideration, and various contributions from public and private actors, the Commission published its opinion last July.
In June 2022, the Ada Lovelace institute published an ‘Independent legal review of the governance of biometric data in England and Wales’ written by Matthew Ryder. This review aims to address the current legal uncertainty concerning the collection, use and processing of biometric data in England and Wales. It also puts forward 10 recommendations to improve the legal framework as well as the governance of biometrics in England and Wales.
This is the first ever detailed analysis of what is the most widespread way in which Facial Recognition is used in public (& private) spaces: to authorise access to a place or to a service. The 3rd Report in our #MAPFRE series should be of great interest to lawyers interested in data protection; AI ethics specialists; the private sector; data controllers; DPAs and the EDPB; policymakers; and the general public, who will find here an accessible way to understand all these issues.
The French DPA, CNIL, stressed that “the current debate on facial recognition is sometimes distorted by a poor grasp of this technology and how it works”. This 2nd of 6 Reports of our MAPFRE series provides a path to understanding with a classification table presenting in the most accessible way the different facial processing functionalities and applications used in public spaces.
How to regulate the use of facial recognition in public spaces in Europe? This crucial debate has often been characterised by a lack of clarity and precision. Here is the first of 6 Reports from our big “MAPFRE” research project, a detailed independent study analysing the different ways in which FRT is being used and the related legal issues.
On April 16, 2021, the Garante per la protezione dei dati personali, the Italian Data Protection Authority (DPA), issued an unfavourable opinion on the use of the SARI Real Time system by the Ministry of the Interior, a real-time facial recognition system aiming to assist the Police Force in the management of public order and safety.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.