Spain: AEPD publishes blog on AI transparency
On September 20, 2023, the Spanish data protection authority (AEPD) released a blog post on the evolving landscape of transparency in artificial intelligence (AI). The post emphasized a fundamental distinction between the Proposal for a Regulation on laying down harmonized rules on artificial intelligence (draft AI Act) and the transparency principle under the General Data Protection Regulation (GDPR). While the transparency principle under the GDPR obligates data controllers to inform individuals about the impact of their personal data processing, the draft AI Act provides, amongst other things, that "High-risk AI systems shall be designed and developed in such a way to ensure that their operation is sufficiently transparent with a view to achieving compliance with the relevant obligations of the user and of the provider set out in Chapter 3 of this Title and enabling users to understand and use the system appropriately."
The AEPD highlighted that the obligations regarding transparency of the AI systems should be implemented by design and along their life cycle independently if the process personal data, therefore, the term 'transparency' in the draft AI Act is used with a different meaning than transparency principle under the GDPR.
You can read the blog post here.