Meta can use data from publicly accessible user profiles on Facebook and Instagram for AI training in Germany, the Cologne Higher Regional Court ruled Friday. Meta didn't immediately comment.
French privacy regulator CNIL fined Solocal Marketing Services $1 million (900,000 euros) for commercial data prospecting without securing prospects' consent and for transferring their data to partners without a valid legal basis.
The European Commission Wednesday unveiled its latest proposals that are intended to reduce administrative costs for European business by simplifying a range of rules, including in the General Data Protection Regulation (GDPR). The GDPR change, which differed slightly from what was expected, drew mixed reactions from stakeholders.
The rise of technologies like generative AI (GAI) and the advent of large language models (LLM) have serious privacy implications, including the idea that individuals can control their data, said three students at UCLA School of Law in a blog for TechPolicy.Press. The "right to be forgotten," as the removal of personal data from public access is called, gained legal acknowledgment under the EU's General Data Protection Regulation (GDPR), which allows individuals to view, edit or delete personal data.
Italian privacy regulator Garante fined U.S. consumer AI company Luka $5.6 million (5 million euros) for General Data Protection Regulation breaches and launched a probe into how it processes data during the life cycle of the generative AI systems that underlie its Replika chatbot, it announced Monday.
The EU-U.S. Data Privacy Framework (DPF) appears to be holding despite Trump administration actions in connection with the FTC and Privacy and Civil Liberties Oversight Board (PCLOB), Irish Data Protection Commissioner Dale Sunderland said during a May 14 interview at the IAPP AI Governance Global Europe conference in Dublin.
Businesses must traverse an expanding “minefield of state and international regulations,” said BigID CEO Dimitri Sirota in an interview last month at the IAPP Global Privacy Conference in Washington. The emergence of AI has also created privacy compliance challenges -- but the emerging technology could also make some aspects of the data protection profession more efficient, he said.
DUBLIN -- EU digital rules such as the General Data Protection (GDPR) and AI Act must align with technological reality or risk harming innovation, speakers said Wednesday at the IAPP AI Governance Global Europe 2025 conference.
DUBLIN -- One of the least clear aspects of the EU AI Act is its content on using biometric data, panelists said Wednesday at the IAPP AI Governance Global Europe 2025 conference.
Massachusetts senators advanced a comprehensive privacy bill that includes a private right of action and Maryland-like data-minimization requirements. On Monday, the Senate side of the legislature’s joint Advanced Information Technology Committee advanced to the Ways and Means Committee a new draft of the Massachusetts Data Privacy Act (S-2516) that replaces bills by the committee’s Senate Chair Michael Moore (D), Senate Majority Leader Cynthia Creem (D) and Sen. William Driscoll (D). Some alternatives remain pending, including legislation by Sen. Barry Finegold (D), his spokesperson told Privacy Daily.