Welcome back to our TMT Bites! In this 23rd issue you will find some bites on the third anniversary of GDPR and Artificial Intelligence for your holiday readings. Enjoy and stay tuned for more updates!
The EU Consultation on the draft AI Regulation: Hurry up and have your say!
Following on from discussions at our Digital Breakfasts and in previous articles on the long awaited proposal for an EU regulation laying down harmonized rules on artificial intelligence, we set out the main features, which are currently still subject to consultation.
Regulating artificial intelligence in the EU: top 10 issues for businesses to consider
In this article, we have shortlisted the top 10 issues that have emerged so far in our conversations: they include five things that were generally liked, and five things that a number of commentators would have wanted more of.
Chinas GDPR is coming: Are you ready?
Exploring the upcoming China’s draft Personal Information Protection Law.
3 years GDPR in Germany – Struggles of Federalism and Potentially some Expensive Wake-Up Calls
Looking back over three years of the GDPR for Germany, one significant change is clear: German data protection authorities are imposing heavy fines for infringements.
The impact of the GDPR in Kazakhstan
Recent changes related to personal data protection show that Kazakhstan strives to be a part of jurisdictions that recognize the importance of the development of the legal framework for the protection of personal data and that are actively adopting the basic principles set out in the EU’s GDPR.
GDPR Three Years Later - Data Protection Legal framework in Uruguay
Uruguay has long established its preference for the European regulation in relation to data protection. To the extent, that on August 2012 the European Commission issued a decision recognizing that Uruguay ensures an adequate level of protection within the meaning of Article 25(6) of Directive 95/46/EC of the European Parliament and the Council of Europe.
Supervisory framework of the Dutch Data Protection Authority (DDPA; Autoriteit Persoonsgegevens)
Based on the GDPR, each member state of the European Union has to provide for at least one supervisory authority that will be responsible for monitoring the application of the General Data Protection Regulation (GDPR). For the Netherlands, supervision is provided by the DDPA.
Other articles of this edition
The DPO and conflict of interests: what (management) functions are compatible with the DPO?
In a decision of April 28, 2020, the Belgian Data Protection Authority (DPA) imposed a fine of €50,000 in a case where a data protection officer (DPO) also performed an incompatible function. According to the DPA, a DPO cannot hold a (managerial) position within the organization in which he or she can determine the purpose and/or means of the processing of personal data.