Privacy Community

The European Commission circulated on Sunday (19 November) a possible compromise on the AI law to break the deadlock on foundation models, applying the tiered approach to General Purpose AI and introducing codes of practice for models with systemic risks.

The AI Act is a landmark bill to regulate Artificial Intelligence based on its potential risks. The legislative proposal is currently at the last phase of the legislative process, so-called trilogues, between the EU Commission, Council and Parliament.

In the past weeks, the EU policymakers involved have been butting heads on regulating powerful foundation models like GPT-4, which powers the world’s most famous chatbot, ChatGPT, a versatile type of system known as General Purpose AI.

[continue reading on the source web page]

A microtargeted advertising controversy which has implicated European Union lawmakers in privacy-hostile practices banned by laws they had a hand in passing is the subject of a new complaint by privacy rights not-for-profit, noyb.

The complaint against the EU Commission’s Directorate General for Migration and Home Affairs is being filed today, with the European Data Protection Supervisor (EDPS), which oversees EU institutions’ compliance with the bloc’s data protection laws.

*[continue reading on the source web page]*r

The Spanish presidency has requested a revised mandate on the European Media Freedom Act (EMFA) ahead of the next interinstitutional negotiating session when most of the upcoming media legislation is expected to be closed.

The EMFA is a legislative proposal to increase media independence and pluralism. The bill is currently at the last phase of the legislative process whereby the EU Council, Parliament and Commission meet in so-called trilogue formats to hash out the final provisions.

[continue reading on the source web page]

Dublin, Ireland — An investigation by the Irish Council for Civil Liberties (ICCL) reveals widespread trade in data about sensitive European personnel and leaders that puts them at risk of blackmail, hacking and compromise, and undermines the security of their organisations and institutions.

[continue reading on the source web page]

A technical meeting on the EU’s AI regulation broke down on Friday (10 November) after large EU countries asked to retract the proposed approach for foundation models. Unless the deadlock is broken in the coming days, the whole legislation is at risk.

The AI Act is a landmark bill to regulate Artificial Intelligence following a risk-based approach. The file is currently in the last phase of the legislative process, with the main EU institutions gathered in so-called trilogues to hash out the final dispositions of the law.

[continue reading on the source web page]

Study on the Essence of the fundamental rights to privacy and to the protection of personal data

The EU lawmakers spearheading the work on the AI rulebook suggested a first set of criteria to identify the most powerful foundation models that must follow a specific regime.

The AI Act is a landmark EU legislation to regulate Artificial Intelligence based on its potential to harm people. The file is currently at the last stage of the legislative process, so-called trilogues, whereby the EU Commission, Parliament, and Council hash out the final provisions.

One of the sticking points in this late stage of the negotiations has been dealing with foundation models like GPT-4, on which several AI applications can be built, like the world’s most famous chatbot, ChatGPT.

On Tuesday (7 November), Euractiv exclusively revealed that the Spanish EU Council presidency, which leads the negotiations on behalf of the Council, circulated a first draft of obligations for foundation models, including the most powerful ones, dubbed ‘high-impact’.

On Wednesday, the offices of the European Parliament’s co-rapporteurs Dragoș Tudorache and Brando Benifei shared a reaction to the presidency’s draft with MEPs. The co-rapporteurs’ text will be discussed at a political meeting on Thursday.

[continue reading on the source web page]

The Commission welcomes the final agreement reached today by the European Parliament and the Council of the EU at the final trilogue on the Regulation introducing European Digital Identity Wallets. This concludes the co-legislators' work implementing the results of the provisional political agreement reached on 29 June 2023 on a legal framework for an EU Digital Identity, the first trusted and secure digital identity framework for all Europeans.

[continue reading on the source web page]

What is the European Digital Identity Wallet?

EU Digital Identity Wallets are personal digital wallets, in the form of apps allowing citizens to digitally identify themselves, store and manage identity data and official documents in digital form. These may include a driving licence, medical prescriptions or educational qualifications.

[continue reading on the source web page]

The European Commission is currently investigating whether iMessage should fall under the Digital Markets Act (DMA) and therefore be subject to interoperability rules. Google and local carriers have sent a letter to regulators in Europe arguing that iMessage should be considered a “core” service.

[continue reading on the source web page]

Key negotiators in the European Parliament have announced making a breakthrough in talks to set MEPs’ position on a controversial legislative proposal aimed at regulating how platforms should respond to child sexual abuse risks.

The European Union’s executive body, the Commission, presented a proposal for a regulation in this area last year but the plan has generated major controversy — with warnings the planned legislation could see platforms served detection orders that mandate the scanning of all users’ private messages. The draft proposal includes a requirement for platforms served with detection orders to scan for known and unknown child sexual abuse material (CSAM) and also try to pick up grooming activity taking place in real time.

[continue reading on the source web page]

As part of their transparency obligations under the Digital Services Act (DSA), designated Very Large Online Platforms and Very Large Online Search Engines are due to publish their first transparency reports – and some did so already. online platforms at a finger's tip on a mobile phone © ipopba - iStock Getty Images Plus The first seven platforms have already published their reports, and the rest have until 6 November to do so. These first seven platforms are Amazon, LinkedIn, TikTok, Pinterest, Snapchat, Zalando (.pdf) and Bing.

The transparency report, together with a Commission database on statements of reasons, as well as additional requirements for designated services, such as the future data access for researchers, will ensure transparency and accountability over content moderation online – for the benefit of citizens, researchers and regulators. This will contribute significantly to public scrutiny and accountability.

[continue reading on the source web page]

The EU lawmakers spearheading the work on the EU’s AI bill have circulated a new version of the provisions regarding the classification of high-risk AI systems, maintaining the filter-based approach despite a contrary legal opinion.

The AI Act is a landmark EU legislation to regulate Artificial Intelligence following a risk-based approach. At the heart of the law is a stricter regime for AI systems that pose a significant risk to people’s health, safety and fundamental rights, which must comply with tight requirements regarding risk management and data governance.

[continue reading on the source web page]

EU policymakers have been discussing some filter conditions that would enable AI developers to avoid complying with the EU Artificial Intelligence’s law stricter regime. But this political compromise is running into significant legal troubles.

The AI Act is an EU landmark legislation to regulate Artificial Intelligence based on its capacity to cause harm. As such, the law follows a risk-based approach whereby AI models posing a significant risk to people’s health, safety and fundamental rights must comply with a stricter regime on aspects such as data governance and risk management.

[continue reading on the source web page]

The negotiators of the EU’s artificial intelligence regulation should strengthen and empower the regulators. Otherwise, the enforcement of this regulation will be a struggle, writes Kris Shrishak.

Kris Shrishak is a Senior Fellow at the Irish Council for Civil Liberties, where he works on technology policy with a focus on algorithmic decision-making, surveillance, data rights, and privacy.

Imagine you have been handed the responsibility to be a key regulator for the first cross-sectoral AI regulation in the world. Now imagine that you are given scarce resources and your hands are tied.

This unenviable scenario could be the reality of future regulators of the EU’s AI Act.

The EU prides itself on having the “Brussels effect”. At the same time, it is working to produce a law that large tech companies would happily welcome and lobby to dilute further.

[continue reading on the source web page]

The EU approach to powerful AI models is taking shape as European countries discuss possible concessions in the upcoming negotiations on the world’s first comprehensive Artificial Intelligence (AI) rulebook.

The Spanish presidency of the EU Council of Ministers shared on Tuesday (17 October) a document in preparation for the next political negotiation with the European Parliament and Commission on 24 October, the so-called trilogues.

The document, seen by Euractiv, details a series of possible landing zones on the AI Act, a flagship legislative proposal to regulate AI based on its capacity to cause harm. The compromises concern critical areas of the text, including how to deal with foundation models, large machine-learning models trained on vast data sets that generate responses based on a specific stimulus.

[continue reading on the source web page]

The European Commission adopted on Wednesday (18 October) a recommendation calling on member states to speed up the establishment of authorities to deal with illegal online content and bolster their incident response coordination.

Internal Market Commissioner Thierry Breton announced the initiative at the European Parliament during the plenary session in Strasbourg, making the case for the need to ramp up the fight against the dissemination of illegal content in times of conflict.

[continue reading on the source web page]

The Spanish presidency circulated three discussion papers on Friday (13 October) to gather EU countries’ feedback on key aspects of the AI law ahead of an upcoming negotiation session: fundamental rights, sustainability obligations and workplace decision-making.

The AI Act is a landmark legislative proposal to regulate Artificial Intelligence based on its potential to cause harm. Since they took over the presidency of the EU Council of Ministers, the Spaniards have prioritised closing the negotiations on the file with the European Parliament and Commission.

The Telecom Working Party, a technical body of the Council, will discuss possible flexibility to accord to the lead negotiators on Tuesday and Thursday. On Friday, the file will land on the table of the Committee of Permanent Representatives, with the view of providing a revised negotiating mandate for the next political trilogue with the other EU institutions on 25 October.

[continue reading on the source web page]

The Commission launched today a stakeholder survey on draft International Guiding Principles for organisations developing advanced AI systems, which have been agreed by G7 ministers for stakeholder consultation. graphic showing a human hand holding a hexagone with AI written in the middle iStock photo Getty Images plus These principles are currently developed by G7 Members under the Hiroshima Artificial Intelligence process to set up guardrails on a global level. The eleven draft guiding principles, which cover advanced AI systems such as foundational models and generative AI, aim to promote safety and trustworthiness of the technology. On this basis, G7 members aim to compile a Code of Conduct that will provide guidance for organisations developing AI tools.

[continue reading on the source web page]

EDPS Opinion 42/2023 on the Proposal for two Directives on AI liability rules

In response to growing threats to media freedom and the industry’s viability, MEPs adopted their position on a law to strengthen the transparency and independence of EU media.

In its position on the European Media Freedom Act, adopted by 448 votes in favour, 102 against and 75 abstentions on Tuesday, Parliament wants to oblige member states to ensure media plurality and protect media independence from governmental, political, economic or private interference.

MEPs want to ban all forms of interference in the editorial decisions of media outlets and prevent external pressure being exerted on journalists, such as forcing them to disclose their sources, accessing encrypted content on their devices, or targeting them with spyware.

The use of spyware may only be justified, MEPs argue, as a ‘last resort’ measure, on a case-by-case basis, and if ordered by an independent judicial authority to investigate a serious crime, such as terrorism or human trafficking.

[continue reading on the source web page]

The new trade instrument is primarily meant as a deterrent, but it will allow the EU to fight economic coercion and respond with its own countermeasures.

With 578 votes to 24 and 19 abstentions. Parliament approved on Tuesday a new trade instrument to enable the EU to respond, in line with international law and as a last resort, should the EU or member states face economic blackmail from a foreign country seeking to influence a specific policy or stance.

[continue reading on the source web page]

On those grounds,

THE PRESIDENT OF THE GENERAL COURT

hereby orders:

1. Operation of the decision of the European Commission of 25 April 2023, with reference C(2023) 2746 final, designating Amazon Store as a very large online platform in accordance with Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market For Digital Services and amending Directive 2000/31/EC (Digital Services Act), is suspended in so far as, by virtue of that decision, Amazon Store will be required to make an advertisement repository publicly available, in accordance with Article 39 of that regulation, without prejudice to the requirement for the applicant to compile the advertisement repository.
2. The application for interim measures is dismissed as to the remainder.
3. The costs are reserved.

[continue reading on the source web page]

The Commission has launched the DSA Transparency Database, putting in action one of the many ground-breaking transparency features mandated by the DSA.

Under the DSA, all providers of hosting services are required to provide users with clear and specific information, so-called statements of reasons, whenever they remove or restrict access to certain content. The new database will collect these statements of reasons in accordance with Article 24(5) of the DSA. This makes this database a first-of-its-kind regulatory repository, where data on content moderation decisions taken by providers of online platforms active in the EU are accessible to the general public at an unprecedented scale and granularity, enabling more online accountability.

[continue reading on the source web page]

The Data Governance Act entered into application on 24 September 2023. The Regulation creates a new European way of data governance based on increasing trust in data sharing.

It aims to create a safe environment for sharing data across sectors and Member States to benefit society and the economy. The Data Governance Act also allows novel data intermediaries to act as trustworthy actors in the data economy. Entities engaging in data altruism can register voluntarily as data altruism organisations. This will provide maximum trust with minimum administrative burden. The rules related to data altruism will help individuals and companies to donate data in a safe and trustworthy way in order to contribute to wider societal goals such as fighting a pandemic. The reuse of public sector data that cannot be made available as open data will also be enhanced. All of these tools will increase data flows, thereby supporting the development of common European data spaces, such as manufacturing, cultural heritage, agriculture and health.

[continue reading on the source web page]