Support Centre

Europe

Insights

On January 11, 2024, the European Commission issued a press release marking the entry into force of the Regulation on Harmonised Rules on Fair Access to and Use of Data (the Data Act) on the same date, as part of the European Union's (EU) digital strategy. The Data Act aims to facilitate the exchange of data and will become applicable in 20 months, on September 12, 2025. OneTrust DataGuidance Research gives an overview of the Data Act, with further insights provided by Wim Nauwelaerts, Partner at Alston & Bird. 

On February 13, 2024, the European Data Protection Board (EDPB) published its Opinion on the notion of the main establishment of a controller in the EU under the General Data Protection Regulation (GDPR) (the Opinion). OneTrust DataGuidance Research breaks down the Opinion with expert comments from Philip James and Anna Allen, from Eversheds Sutherland's Global Privacy & Cybersecurity Group.

In today's rapidly evolving digital landscape, the EU stands at the forefront of introducing comprehensive digital and data-related legislation. The EU's intentions are to balance the interests of the data economy, promote fair competition, and protect the rights of individuals. In this article, Theresa Ehlen, Philipp Roos, and John-Markus Maddaloni, from Freshfields Bruckhaus Deringer, delve into the practical implementation of the EU rules for the data and digital landscape.

This Insight article delves into the recent adoption of the Act on the Protection of Whistleblowers (the Act) in Czechia, highlighting changes for employers. It covers key rules, the role of designated competent persons, and control mechanisms, offering practical recommendations for companies adjusting to the new whistleblowing regulations.

Understanding the obligations inherent under the EU Artificial Intelligence Act (the AI Act) is paramount for users and other actors navigating this dynamic landscape.

The AI Act predominantly imposes obligations on 'providers' (developers) rather than on 'users' (deployers) of high-risk artificial intelligence (AI) systems. While some of the risk posed by the systems listed in Annex III comes from how they are designed, significant risks stem from how they are used. This means that providers cannot comprehensively assess the full potential impact of a high-risk AI system during the conformity assessment, and therefore that users must have obligations to uphold fundamental rights as well. The first part of this series on the AI Act explored what types of AI are covered and what obligations are applicable to each AI actor. The second part of this series offered a brief explanation of the profound importance of providers' comprehending and adhering to the provider obligations. In the third and final article of this series, Sean Musch and Michael Charles Borrelli, from AI & Partners, and Charles Kerrigan, from CMS UK, explore the significance of comprehending these provider obligations and places them in the broader context of the ever-evolving AI terrain.

In this Insight article, Sarah Cameron and Krish Khanna, from Pinsent Masons LLP, delve into the intricacies of global artificial intelligence (AI) regulation, examining diverse national approaches and their implications for businesses, standards, and international collaboration.

In this Insight article, Joanne Bone, Partner at Irwin Mitchell LLP, explores the impending data protection law reform in the UK, focusing on the proposed replacement of data protection officers (DPOs) with senior responsible individuals (SRIs).

The EU Artificial Intelligence Act (AI Act) is part of the overarching EU Digital Strategy. The strategy 'focuses on putting people first in developing technology, and defending and promoting European values and rights in the digital world.'1

On December 8, 2023, after an extensive discussion that lasted several days and was preceded by months of intense negotiations, the EU Parliament, Council, and Commission announced that they had reached a provisional agreement on the AI Act. 

This is not the end of the legislative process since this is only a political agreement, and for the AI Act to become EU legislation both the Parliament and Council are required to formally adopt the same. A reasonable forecast is that enactment will take place by the end of 2024, but it remains to be seen how discussions will proceed. These discussions will be focused on the actual text of the AI Act, which may be different from the text that is available today. In this Insight article, Francesca Gaudino, from Baker & McKenzie LLP, comments on the current text of the AI Act, which may be amended upon formal adoption by the Parliament and Council. 

In this Insight article, Daniela Schott, from KINAST, explores the intricacies of data protection in artificial intelligence (AI) system development, shedding light on the critical considerations, legal foundations, and guidelines provided by the French Data Protection Authority (CNIL).

In the context of business operations, understanding providers' obligations under the EU Artificial Intelligence Act (the AI Act) remains key given their position as a key actor in the artificial intelligence (AI) value chain. The first part of this series on the AI Act explored what types of AI are covered and what obligations are applicable to each AI actor. In this article, Sean Musch and Michael Charles Borrelli, from AI & Partners, and Charles Kerrigan, from CMS UK, aim to offer a brief explanation of the profound importance of providers' comprehending and adhering to these obligations, which extend beyond a mere checklist of regulatory requirements. Part three of this series explores the significance of comprehending these provider obligations.

This article is accurate as of its time of publication and will be updated to reflect any changes to the AI Act.

In this Insight article, Emily Jones and Vishal Patel, from Simmons & Simmons LLP, highlight the key proposals affecting providers of Part 3 Services, arising from the Office of Communications (Ofcom) proposals included within its Illegal Harms Consultation (IHC) published on November 9, 2023, on elements of the UK's Online Safety Act (OSA). 

On June 4, 2021, the European Commission (the Commission) released a new set of Standard Contractual Clauses (SCCs), which included Module 4. In this Insight article, Charlotte Gerrish and Evane Alexandre, from Gerrish Legal, look at the contents of Module 4, what its purpose is, and who can use it.

Feedback