The European Data Protection Board (EDPB) has published a landmark Opinion addressing key challenges in AI and data protection.
The Opinion examines when AI models can be considered anonymous, requiring developers to implement robust safeguards against re-identification risks. It also provides guidance on using legitimate interest as a legal basis under GDPR, emphasising the need to balance AI innovation with individuals’ rights and freedoms.
Additionally, the EDPB highlights the consequences of using unlawfully processed data, with possible corrective action including retraining or destroying non-compliant models. Societal risks such as discrimination, deepfake misuse, and data regurgitation are also addressed, with recommendations for safeguards like pseudonymisation and transparency measures.
BDO Malta offers specialised legal support to businesses, helping them conduct risk assessments, implement privacy-by-design frameworks, and establish robust data governance to navigate these complex regulations and ensure responsible AI compliance.