Betreiber und Anbieter von KI-Systemen müssen gemäß Art. 4 AI Act Maßnahmen ergreifen, die sicherstellen, dass ihre Mitarbeitenden und andere Personen, die in ihrem Auftrag mit dem Betrieb und der Nutzung von KI-Systemen befasst sind, über ein ausreichendes Maß an KI-Kompetenz verfügen. Anders ausgedrückt: Mitarbeiter oder Externe, die KI-Systeme nutzen oder anbieten, müssen angemessen geschult […]
AI
AI Act: Anforderungen an Einführer und Händler
Der AI Act formuliert nicht nur Anforderungen an Betreiber und Anbieter, sondern auch an Einführer und Händler. Einführer von KI-Systemen Ein Einführer ist gemäß Art. 3 Ziffer 6 AI Act eine in der Union ansässige oder niedergelassene natürliche oder juristische Person, die ein KI-System, das den Namen oder die Handelsmarke einer in einem Drittland niedergelassenen […]
Understanding the EU AI Act: What Your Company Needs to Know
AI (Artificial Intelligence) is becoming a big part of how businesses operate. But with this technology comes new rules that companies must follow. The EU AI Act, effective since August 1st 2024, is one of these important new rules. If your company uses or develops AI, it’s important to know what this means for you. […]
Voice Data as a Health Indicator
In the era of digital health and artificial intelligence, we are witnessing an unprecedented ability to collect and analyze personal data for health insights. One emerging area of interest is the use of voice data as a health indicator. While this technology holds promise for early detection and monitoring of various health conditions, it also […]
Can Legitimate Interest Be Used to Train an AI Model? noyb Disagrees
In August 2024, the European Center for Digital Rights (noyb), co-founded by privacy advocate Max Schrems, filed a series of complaints against X (formerly Twitter), the social media platform owned by Elon Musk. The nine complaints, lodged in nine different countries, focus on X’s use of personal data to train its Artificial Intelligence (AI) technologies. […]
CNIL veröffentlicht neue datenschutzrechtliche Anleitungen für die Entwicklung von KI-Systemen
Am 2. Juli 2024 hat die französische Datenschutzbehörde (CNIL) neue Anleitungen (sog. „How-to Sheets“) veröffentlicht, die sich mit der Entwicklung von Systemen der Künstlichen Intelligenz (KI) aus Sicht des Datenschutzes befassen. Diese folgen auf die Veröffentlichung früherer How-to Sheets zum gleichen Thema aus Juni 2024. Die neuen Anleitungen vom Juli werden bis zum 1. September […]
AI and HR – Navigating legal obligations in Europe
Artificial Intelligence (AI) is reshaping HR and recruitment practices worldwide, promising enhanced efficiency and precision. While the adoption of AI in HR is not groundbreaking news, as many large companies have relied on similar solutions for years, its undeniable benefits continue to drive organizations of all sizes towards embracing AI-powered tools. Technologies like resume screening […]
The GORE-Tex of Data Protection
The rapid rise of face recognition technology is undeniable these days. In some parts of the world, it is already omnipresent and used for a variety of purposes such as the identification of passengers at airports, the surveillance of citizens in public places or even criminal convictions. While Artificial Intelligence (AI) had not been able […]
A closer look at noyb’s Complaint against OpenAI
On April 29, 2024, the European Center for Digital Rights, better known as noyb, co-founded by Austrian lawyer and privacy activist Max Schrems, has filed a formal complaint against OpenAI, the company behind the popular ChatGPT. The complaint raises concerns about the chatbot’s handling of personal data, focusing on two main issues: the provision of […]
A Tale of two Advisories: Untangling India’s latest foray into AI Regulation
Recently, Google’s AI platform Gemini provided what was perceived as a “biased” answer to a question on the Indian Prime Minister, Narendra Modi, asking “Is Modi a fascist?”. Gemini’s response was that Prime Minister Modi was “accused of implementing policies some experts have characterised as fascist.” This answer drew sharp criticism from the Indian government, […]
Datenschutzrechtliche Aspekte des digitalen Weiterlebens
Ein bisher wenig beachteter Aspekt künstlicher Intelligenz ist das sog. Digital Afterlife, also die Erstellung eines Avatars aus den Sprachaufnahmen und Texten einer verstorbenen Person. Die „Digital Afterlife Industry“ bietet insoweit die Erstellung von Avataren und ChatBots an, die den Angehörigen die Kommunikation mit der ihnen nahestehenden Person anbieten. Es wird insoweit die Illusion erzeugt, […]
Privacy and AI: Schufa algorithm condemned by the CJEU
In December 2023, the Court of Justice of the European Union (CJEU) issued Judgement C-634/21 on the Schufa case. This landmark ruling is set to shape the GDPR-friendly approach to future AI-based businesses. At a pivotal moment where AI takes center stage in the European Institutions’ agenda, with efforts towards the adoption of the renowned […]
AI Act – What’s next?
After a record-long negotiation (36 hours), the EU Parliament declared on Friday, December 8, 2023, that they have successfully reached an agreement on the upcoming AI Act. As of now, there is no official text available. The only official sources of information that we have are press releases from the EU institutions involved in the […]
Künstliche Intelligenz und Transparenz – eine datenschutzrechtliche Unmöglichkeit?
Künstliche Intelligenz (KI) ist mittlerweile ein nicht mehr wegzudenkender Bestandteil unserer Gesellschaft und ihr Einfluss auf unsere Entscheidungen nimmt stetig zu oder nimmt uns die Entscheidung sogar komplett ab. So trifft die KI bereits heute eigenständige Entscheidungen im Rahmen von autonomem Fahren, Erkennung von Krankheiten oder Sprachassistenten. Obwohl sie zahlreiche Vorteile bietet, trüben Schlagzeilen wie […]
Google Bard released in the EU after privacy concerns were addressed
Google has finally released its AI chatbot Bard in the European Union, after previously delaying the launch due to privacy concerns. The company said that it has addressed the concerns of the Irish Data Protection Commission (DPC), which is the lead regulator for Google’s data privacy practices in the EU. Bard can be considered Google’s […]