The event included speakers from assurance providers Yoti, and VerifyMy, digital platform providers such as Google, TikTok, the BBC and Epic Games, age-appropriate design platform K-ID, data protection regulators from the UK...more
The Artificial Intelligence Act (AI Act) is the world's first comprehensive legal framework for AI regulation, which entered into force on August 1, 2024. The AI Act aims to ensure that AI systems are trustworthy, safe and...more
4/1/2025
/ AI Act ,
Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Data Security ,
Enforcement ,
EU ,
European Commission ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management ,
Technology Sector
The integration of AI in the workplace is revolutionising HR. From recruitment to performance analysis, AI use cases can streamline HR processes and enhance productivity. However, the deployment of AI by employers also brings...more
3/18/2025
/ AI Act ,
Artificial Intelligence ,
Bias ,
Employees ,
Employer Liability Issues ,
Employment Policies ,
EU ,
Human Resources Professionals ,
Regulatory Requirements ,
Risk Management ,
Technology Sector ,
UK
What are we really talking about and what are the legal implications under the EU AI Act?
The rapid evolution of artificial intelligence (AI) has led to significant opportunities and challenges, especially in the realm of...more
Given the rapid speed of development in the field of AI, it is increasingly important that businesses develop effective governance to address the regulatory framework governing the development, training, use and deployment of...more
2/20/2025
/ Artificial Intelligence ,
Compliance ,
Data Privacy ,
Data Protection ,
EU ,
General Data Protection Regulation (GDPR) ,
Regulation ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
The European Union Artificial Intelligence Act (AI Act) entered into force on 1 August 2024. The AI Act establishes a risk-based approach to AI, prohibiting certain practices that are deemed unacceptable, such as social...more
2/6/2025
/ Artificial Intelligence ,
Compliance ,
Data Protection ,
Enforcement Actions ,
EU ,
European Commission ,
Healthcare ,
Regulation ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
Companies deploying high-risk artificial intelligence (AI) systems must prepare to conduct Fundamental Rights Impact Assessment (FRIA) by 2 August 2026. In this edition of our “Zooming in on AI” series we explain what this...more
When the AI Act was first proposed by the European Commission in 2021, the concept of “general purpose AI” was nowhere to be found. These rules were introduced during the legislative process to align the AI Act to the...more
As further initiatives come in to play and legislation is on the horizon, existing regulators (such as the ICO, CMA, Ofcom and FCA) continue to press on with their approach to AI regulation, including through the Digital...more
11/22/2024
/ Artificial Intelligence ,
Banking Sector ,
EU ,
Financial Conduct Authority (FCA) ,
Financial Institutions ,
Information Commissioner's Office (ICO) ,
Innovative Technology ,
Legislative Agendas ,
Machine Learning ,
Regulatory Agenda ,
Regulatory Requirements ,
Technology Sector ,
Transparency ,
UK ,
UK Competition and Markets Authority (CMA) ,
UK GDPR
As the EU presses ahead with its implementation of the AI Act, the UK continues to develop its evolutionary approach to AI policy and regulation. As the new Labour Government starts to implement its perspective and ahead of a...more
11/22/2024
/ Artificial Intelligence ,
Corporate Governance ,
Cybersecurity ,
Data Protection ,
Digital Data ,
EU ,
Human Rights ,
International Treaties ,
Legislative Agendas ,
Personal Data ,
Popular ,
Privacy Laws ,
Proposed Legislation ,
Regulatory Agenda ,
Regulatory Reform ,
Technology Sector ,
UK ,
UK GDPR
The EU Artificial Intelligence Act (“AI Act”) exemplifies a highly advanced risk-based approach to European regulation. One of its distinguishing features is the detailed classification of various risk levels associated with...more
11/12/2024
/ Artificial Intelligence ,
Digital Services ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector ,
Transparency
Companies deploying high-risk artificial intelligence (AI) systems must prepare to navigate a complex landscape of new obligations by August 2, 2026. In this post we explain the key obligations for providers and deployers of...more
10/30/2024
/ Artificial Intelligence ,
Automated Systems ,
Data Protection ,
Distributors ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Importers ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management ,
Technology Sector ,
Transparency
On Wednesday, the UK Government published its new Data (Use and Access) Bill with a promise that it will ‘harness the enormous power of data to boost the UK economy by GBP10 billion’ and ‘unlock the secure and effective use...more
AI-driven technology has emerged as a cornerstone of our present and future daily lives, revolutionising the way transactions and interactions are organised.
With the increased use of AI systems, there is also an...more
10/22/2024
/ Artificial Intelligence ,
Corporate Governance ,
Data Protection ,
EU ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Stakeholder Engagement ,
Technology Sector
This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK.
2024 has seen behavioural advertising and cookies continue to dominate the agenda of...more
10/21/2024
/ Artificial Intelligence ,
Biometric Information ,
Data Protection ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Initial Coin Offering (ICOs) ,
International Data Transfers ,
Personal Data ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Technology Sector ,
UK
This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK.
2024 has seen behavioural advertising and cookies continue to dominate the agenda of data...more
10/18/2024
/ Artificial Intelligence ,
Biometric Information ,
Employee Monitoring ,
Employer Liability Issues ,
EU ,
EU Data Protection Laws ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Machine Learning ,
Personal Data ,
Privacy Laws ,
Regulatory Agenda ,
Risk Management ,
UK
This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK.
2024 has seen behavioural advertising and cookies continue to dominate the agenda of data...more
10/17/2024
/ Artificial Intelligence ,
Biometric Information ,
Bots ,
Court of Justice of the European Union (CJEU) ,
Employee Monitoring ,
Employer Liability Issues ,
EU ,
EU Data Protection Laws ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Machine Learning ,
Personal Data ,
Privacy Laws ,
Regulatory Agenda ,
Risk Management ,
UK
This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK.
2024 has seen behavioural advertising and cookies continue to dominate the agenda of data...more
10/17/2024
/ Artificial Intelligence ,
Consent ,
Cookies ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Internet ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Technology Sector ,
Tracking Systems ,
UK
AI is accelerating digital transformation for companies and data governance is a key pillar in this change, enabling data strategies that unlock the potential of AI, and mitigate the risks associated with its use. Data...more
9/12/2024
/ Artificial Intelligence ,
Corporate Governance ,
Data Management ,
Data Privacy ,
Data Protection ,
EU ,
Information Governance ,
Machine Learning ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
UK
The Artificial Intelligence Act (AI Act) entered into force on 1 August 2024 and is the world's first comprehensive legal framework for AI regulation. As companies start incorporating AI tools into their business, products...more
Alongside the recent CJEU judgment on automated decision making in Schufa (see the Allen & Overy blog ) there are a range of developments related to ADM in other jurisdictions.
UK developments -
The UK Parliament is...more
On 7 December 2023, the Court of Justice of the European Union (CJEU) issued a landmark judgment on Article 22 of the General Data Protection Regulation (GDPR), focused on decision making based solely on automated processing...more
In joined Cases C‑26/22 and C‑64/22, related to the German Credit Reference Agency Schufa (see A&O blog on the automated decision making case), the CJEU considered the retention of personal data regarding individuals who had...more
2023 saw a surge in interest in the application of generative AI within business models. So, if AI and data protection was your favourite genre of 2023, or if you found it to be a broken record, this post consolidates and...more
This is the last post in our series on the UK Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) proposals to introduce a new regulatory framework on diversity and inclusion (D&I) in the financial...more
12/22/2023
/ Banking Sector ,
Corporate Culture ,
Corporate Governance ,
Data Protection ,
Diversity ,
Diversity and Inclusion Standards (D&I) ,
Financial Conduct Authority (FCA) ,
Financial Services Industry ,
Prudential Regulation Authority (PRA) ,
Risk Management ,
UK