• |

Mar. 12, 2025

AI Meets GDPR: Mitigating Risks and Scaling Compliance in the Development and Deployment of AI Models

  • Lori Tripoli
    Anti-Corruption Report
The European Data Protection Board opinion 28/2024 (Opinion), on the processing of personal data in the context of artificial intelligence (AI) models, conveys a clear message that entities developing and deploying these models need to take a proactive, risk-based approach to data protection. Companies subject to the E.U. General Data Protection Regulation (GDPR), as well as emerging regulations in various U.S. jurisdictions, face challenges in complying with ever complex layers of legal requirements. This second article in a two-part series covering the Opinion offers best practices for controllers when processing personal data in the context of AI development and deployment, suggests strategies for navigating the regulatory landscape, and examines the Opinion’s impact in the broader AI and privacy legal arena. It includes practical insights from A&O Shearman, Bird & Bird, McDermott Will & Emery, Morrison Foerster and Steptoe. Part one discussed significant elements of the Opinion and its implications for entities subject to the GDPR. See “CJEU Decision Adds Antitrust Regulators as New GDPR Concern for Companies” (Aug. 16, 2023).

To read the full article

Continue reading your article with an ACR subscription.

Most-Read Articles

Women to Watch: Contributions, Achievements and Observations of Outstanding Female Professionals

To mark International Women’s Day, women editors and reporters at ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Law Report Group editors Jill Abitbol, Robin L. Barton and Megan Zwiebel profile notable women in data privacy, cybersecurity, private funds and anti-corruption law, including Anne-Gabrielle Haie, Jessica Lee, Micaela McMurrough, Laura Perkins, Amanda Raad, Madelyn Calabrese, Ranah Esmaili and Genna Garver. Enjoy reading their inspiring remarks here.