Privacy laws in the EU and at the state level in the U.S. serve as a basis for building an AI regulation regime, Morrison Foerster’s Marian Waldmann Agarwal and Marijn Storm said during a webinar about the intersection of privacy and AI last week. The partners discussed recent AI regulatory developments and their intersection with privacy obligations.
Transport companies lack legitimate interest under the EU General Data Protection Regulation (GDPR) in requiring customers to indicate their title before purchasing train tickets, the European Court of Justice (ECJ) held in a preliminary ruling Thursday.
Data protection authorities (DPAs) may not limit the number of complaints a person files during a certain period under the EU General Data Protection Regulation (GDPR) unless they find that person is abusing the process, the European Court of Justice held Thursday (Case C-416/23). DPAs seeking to rid themselves of complaints is an EU-wide issue, though this case arose in Austria, said Austrian privacy campaigner Max Schrems.
Better international enforcement cooperation, AI and data free flow with trust (DFFT) are 2025's top priorities for Group of 7 (G7) data protection authorities, several told us. Their October roundtable in Rome focused on those three topics, the European Data Protection Supervisor (EDPS) reported. Representatives from Canada, France, Germany, Japan, the U.K., the U.S., the EDPS and the European Data Protection Board participated.