The European Data Protection Supervisor (EDPS) has released Version 2 of its orientations, providing updated guidance to European Union institutions, bodies, offices, and agencies (EUIs) on ensuring data protection compliance when using Generative AI systems and processing personal data. This revision offers practical advice and instructions to help EUIs navigate the challenges of rapid technological advancements and comply with their obligations under Regulation (EU) 2018/1725. The key updates include a refined definition of generative AI, a new action-oriented compliance checklist to aid in assessing the lawfulness of processing, and clarification on roles and responsibilities (controller, joint controller, or processor) within generative AI systems. Furthermore, the guidance provides detailed advice on establishing lawful bases for processing, adhering to purpose limitation principles, and effectively managing data subjects’ rights in this context.
Click here for the official article/release
Disclaimer
The Legal Wire takes all necessary precautions to ensure that the materials, information, and documents on its website, including but not limited to articles, newsletters, reports, and blogs (“Materials”), are accurate and complete. Nevertheless, these Materials are intended solely for general informational purposes and do not constitute legal advice. They may not necessarily reflect the current laws or regulations. The Materials should not be interpreted as legal advice on any specific matter. Furthermore, the content and interpretation of the Materials and the laws discussed within are subject to change.
