Privacy Community
www.euractiv.com
**The European Commission circulated on Sunday (19 November) a possible compromise on the AI law to break the deadlock on foundation models, applying the tiered approach to General Purpose AI and introducing codes of practice for models with systemic risks.** The AI Act is a landmark bill to regulate Artificial Intelligence based on its potential risks. The legislative proposal is currently at the last phase of the legislative process, so-called trilogues, between the EU Commission, Council and Parliament. In the past weeks, the EU policymakers involved have been butting heads on regulating powerful foundation models like GPT-4, which powers the world’s most famous chatbot, ChatGPT, a versatile type of system known as General Purpose AI. *** *[continue reading on the source web page]*
techcrunch.com
A microtargeted advertising controversy which has implicated European Union lawmakers in privacy-hostile practices banned by laws they had a hand in passing is the subject of a new complaint by privacy rights not-for-profit, noyb. The complaint against the EU Commission’s Directorate General for Migration and Home Affairs is being filed today, with the European Data Protection Supervisor (EDPS), which oversees EU institutions’ compliance with the bloc’s data protection laws. *** *[continue reading on the source web page]*r
www.euractiv.com
The Spanish presidency has requested a revised mandate on the European Media Freedom Act (EMFA) ahead of the next interinstitutional negotiating session when most of the upcoming media legislation is expected to be closed. The EMFA is a legislative proposal to increase media independence and pluralism. The bill is currently at the last phase of the legislative process whereby the EU Council, Parliament and Commission meet in so-called trilogue formats to hash out the final provisions. *** *[continue reading on the source web page]*
www.iccl.ie
Dublin, Ireland — An investigation by the Irish Council for Civil Liberties (ICCL) reveals widespread trade in data about sensitive European personnel and leaders that puts them at risk of blackmail, hacking and compromise, and undermines the security of their organisations and institutions. *** *[continue reading on the source web page]*
www.euractiv.com
A technical meeting on the EU’s AI regulation broke down on Friday (10 November) after large EU countries asked to retract the proposed approach for foundation models. Unless the deadlock is broken in the coming days, the whole legislation is at risk. The AI Act is a landmark bill to regulate Artificial Intelligence following a risk-based approach. The file is currently in the last phase of the legislative process, with the main EU institutions gathered in so-called trilogues to hash out the final dispositions of the law. *** *[continue reading on the source web page]*
edps.europa.eu
Study on the Essence of the fundamental rights to privacy and to the protection of personal data
www.euractiv.com
**The EU lawmakers spearheading the work on the AI rulebook suggested a first set of criteria to identify the most powerful foundation models that must follow a specific regime.** The AI Act is a landmark EU legislation to regulate Artificial Intelligence based on its potential to harm people. The file is currently at the last stage of the legislative process, so-called trilogues, whereby the EU Commission, Parliament, and Council hash out the final provisions. One of the sticking points in this late stage of the negotiations has been dealing with foundation models like GPT-4, on which several AI applications can be built, like the world’s most famous chatbot, ChatGPT. On Tuesday (7 November), Euractiv exclusively revealed that the Spanish EU Council presidency, which leads the negotiations on behalf of the Council, circulated a first draft of obligations for foundation models, including the most powerful ones, dubbed ‘high-impact’. On Wednesday, the offices of the European Parliament’s co-rapporteurs Dragoș Tudorache and Brando Benifei shared a reaction to the presidency’s draft with MEPs. The co-rapporteurs’ text will be discussed at a political meeting on Thursday. *** *[continue reading on the source web page]*
ec.europa.eu
The Commission welcomes the final agreement reached today by the European Parliament and the Council of the EU at the final trilogue on the Regulation introducing European Digital Identity Wallets. This concludes the co-legislators' work implementing the results of the provisional political agreement reached on 29 June 2023 on a legal framework for an EU Digital Identity, the first trusted and secure digital identity framework for all Europeans. *** *[continue reading on the source web page]*
ec.europa.eu
What is the European Digital Identity Wallet? EU Digital Identity Wallets are personal digital wallets, in the form of apps allowing citizens to digitally identify themselves, store and manage identity data and official documents in digital form. These may include a driving licence, medical prescriptions or educational qualifications. *** *[continue reading on the source web page]*
9to5google.com
The European Commission is currently investigating whether iMessage should fall under the Digital Markets Act (DMA) and therefore be subject to interoperability rules. Google and local carriers have sent a letter to regulators in Europe arguing that iMessage should be considered a “core” service. *** *[continue reading on the source web page]*
techcrunch.com
Key negotiators in the European Parliament have announced making a breakthrough in talks to set MEPs’ position on a controversial legislative proposal aimed at regulating how platforms should respond to child sexual abuse risks. The European Union’s executive body, the Commission, presented a proposal for a regulation in this area last year but the plan has generated major controversy — with warnings the planned legislation could see platforms served detection orders that mandate the scanning of all users’ private messages. The draft proposal includes a requirement for platforms served with detection orders to scan for known and unknown child sexual abuse material (CSAM) and also try to pick up grooming activity taking place in real time. *** *[continue reading on the source web page]*
As part of their transparency obligations under the Digital Services Act (DSA), designated Very Large Online Platforms and Very Large Online Search Engines are due to publish their first transparency reports – and some did so already. online platforms at a finger's tip on a mobile phone © ipopba - iStock Getty Images Plus The first seven platforms have already published their reports, and the rest have until 6 November to do so. These first seven platforms are Amazon, LinkedIn, TikTok, Pinterest, Snapchat, Zalando (.pdf) and Bing. The transparency report, together with a Commission database on statements of reasons, as well as additional requirements for designated services, such as the future data access for researchers, will ensure transparency and accountability over content moderation online – for the benefit of citizens, researchers and regulators. This will contribute significantly to public scrutiny and accountability. *** *[continue reading on the source web page]*
www.euractiv.com
The EU lawmakers spearheading the work on the EU’s AI bill have circulated a new version of the provisions regarding the classification of high-risk AI systems, maintaining the filter-based approach despite a contrary legal opinion. The AI Act is a landmark EU legislation to regulate Artificial Intelligence following a risk-based approach. At the heart of the law is a stricter regime for AI systems that pose a significant risk to people’s health, safety and fundamental rights, which must comply with tight requirements regarding risk management and data governance. *** *[continue reading on the source web page]*
www.euractiv.com
EU policymakers have been discussing some filter conditions that would enable AI developers to avoid complying with the EU Artificial Intelligence’s law stricter regime. But this political compromise is running into significant legal troubles. The AI Act is an EU landmark legislation to regulate Artificial Intelligence based on its capacity to cause harm. As such, the law follows a risk-based approach whereby AI models posing a significant risk to people’s health, safety and fundamental rights must comply with a stricter regime on aspects such as data governance and risk management. *** *[continue reading on the source web page]*
www.euractiv.com
The negotiators of the EU’s artificial intelligence regulation should strengthen and empower the regulators. Otherwise, the enforcement of this regulation will be a struggle, writes Kris Shrishak. Kris Shrishak is a Senior Fellow at the Irish Council for Civil Liberties, where he works on technology policy with a focus on algorithmic decision-making, surveillance, data rights, and privacy. Imagine you have been handed the responsibility to be a key regulator for the first cross-sectoral AI regulation in the world. Now imagine that you are given scarce resources and your hands are tied. This unenviable scenario could be the reality of future regulators of the EU’s AI Act. The EU prides itself on having the “Brussels effect”. At the same time, it is working to produce a law that large tech companies would happily welcome and lobby to dilute further. *** *[continue reading on the source web page]*
www.euractiv.com
The EU approach to powerful AI models is taking shape as European countries discuss possible concessions in the upcoming negotiations on the world’s first comprehensive Artificial Intelligence (AI) rulebook. The Spanish presidency of the EU Council of Ministers shared on Tuesday (17 October) a document in preparation for the next political negotiation with the European Parliament and Commission on 24 October, the so-called trilogues. The document, seen by Euractiv, details a series of possible landing zones on the AI Act, a flagship legislative proposal to regulate AI based on its capacity to cause harm. The compromises concern critical areas of the text, including how to deal with foundation models, large machine-learning models trained on vast data sets that generate responses based on a specific stimulus. *** *[continue reading on the source web page]*
www.euractiv.com
The European Commission adopted on Wednesday (18 October) a recommendation calling on member states to speed up the establishment of authorities to deal with illegal online content and bolster their incident response coordination. Internal Market Commissioner Thierry Breton announced the initiative at the European Parliament during the plenary session in Strasbourg, making the case for the need to ramp up the fight against the dissemination of illegal content in times of conflict. *** *[continue reading on the source web page]*
www.euractiv.com
The Spanish presidency circulated three discussion papers on Friday (13 October) to gather EU countries’ feedback on key aspects of the AI law ahead of an upcoming negotiation session: fundamental rights, sustainability obligations and workplace decision-making. The AI Act is a landmark legislative proposal to regulate Artificial Intelligence based on its potential to cause harm. Since they took over the presidency of the EU Council of Ministers, the Spaniards have prioritised closing the negotiations on the file with the European Parliament and Commission. The Telecom Working Party, a technical body of the Council, will discuss possible flexibility to accord to the lead negotiators on Tuesday and Thursday. On Friday, the file will land on the table of the Committee of Permanent Representatives, with the view of providing a revised negotiating mandate for the next political trilogue with the other EU institutions on 25 October. *** *[continue reading on the source web page]*
The Commission launched today a stakeholder survey on draft International Guiding Principles for organisations developing advanced AI systems, which have been agreed by G7 ministers for stakeholder consultation. graphic showing a human hand holding a hexagone with AI written in the middle iStock photo Getty Images plus These principles are currently developed by G7 Members under the Hiroshima Artificial Intelligence process to set up guardrails on a global level. The eleven draft guiding principles, which cover advanced AI systems such as foundational models and generative AI, aim to promote safety and trustworthiness of the technology. On this basis, G7 members aim to compile a Code of Conduct that will provide guidance for organisations developing AI tools. *** *[continue reading on the source web page]*
www.europarl.europa.eu
**In response to growing threats to media freedom and the industry’s viability, MEPs adopted their position on a law to strengthen the transparency and independence of EU media.** In its position on the European Media Freedom Act, adopted by 448 votes in favour, 102 against and 75 abstentions on Tuesday, Parliament wants to oblige member states to ensure media plurality and protect media independence from governmental, political, economic or private interference. MEPs want to ban all forms of interference in the editorial decisions of media outlets and prevent external pressure being exerted on journalists, such as forcing them to disclose their sources, accessing encrypted content on their devices, or targeting them with spyware. The use of spyware may only be justified, MEPs argue, as a ‘last resort’ measure, on a case-by-case basis, and if ordered by an independent judicial authority to investigate a serious crime, such as terrorism or human trafficking. *** *[continue reading on the source web page]*
www.europarl.europa.eu
**The new trade instrument is primarily meant as a deterrent, but it will allow the EU to fight economic coercion and respond with its own countermeasures.** With 578 votes to 24 and 19 abstentions. Parliament approved on Tuesday a new trade instrument to enable the EU to respond, in line with international law and as a last resort, should the EU or member states face economic blackmail from a foreign country seeking to influence a specific policy or stance. *** *[continue reading on the source web page]*
On those grounds, THE PRESIDENT OF THE GENERAL COURT hereby orders: 1. **Operation of the decision of the European Commission of 25 April 2023, with reference C(2023) 2746 final, designating Amazon Store as a very large online platform in accordance with Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market For Digital Services and amending Directive 2000/31/EC (Digital Services Act), is suspended in so far as, by virtue of that decision, Amazon Store will be required to make an advertisement repository publicly available, in accordance with Article 39 of that regulation, without prejudice to the requirement for the applicant to compile the advertisement repository.** 2. **The application for interim measures is dismissed as to the remainder.** 3. **The costs are reserved.** *** *[continue reading on the source web page]*
#### The Commission has launched the DSA Transparency Database, putting in action one of the many ground-breaking transparency features mandated by the DSA. Under the DSA, all providers of hosting services are required to provide users with clear and specific information, so-called statements of reasons, whenever they remove or restrict access to certain content. The new database will collect these statements of reasons in accordance with Article 24(5) of the DSA. This makes this database a first-of-its-kind regulatory repository, where data on content moderation decisions taken by providers of online platforms active in the EU are accessible to the general public at an unprecedented scale and granularity, enabling more online accountability. *** *[continue reading on the source web page]*
#### The Data Governance Act entered into application on 24 September 2023. The Regulation creates a new European way of data governance based on increasing trust in data sharing. It aims to create a safe environment for sharing data across sectors and Member States to benefit society and the economy. The Data Governance Act also allows novel data intermediaries to act as trustworthy actors in the data economy. Entities engaging in data altruism can register voluntarily as data altruism organisations. This will provide maximum trust with minimum administrative burden. The rules related to data altruism will help individuals and companies to donate data in a safe and trustworthy way in order to contribute to wider societal goals such as fighting a pandemic. The reuse of public sector data that cannot be made available as open data will also be enhanced. All of these tools will increase data flows, thereby supporting the development of common European data spaces, such as manufacturing, cultural heritage, agriculture and health. *** *[continue reading on the source web page]*
time.com
As the United Nations General Assembly gathered this week in New York, the U.N. Secretary-General's envoy on technology, Amandeep Gill, hosted an event titled Governing AI for Humanity, where participants discussed the risks that AI might pose and the challenges of achieving international cooperation on artificial intelligence. *** *[continue reading on the source web page]*
www.computerweekly.com
The proposed UK-US data bridge will formally open to traffic in just under three weeks, on Thursday 12 October, enabling UK businesses and organisations to transfer data to certified organisations in the US. The adequacy regulations establishing the long-awaited bridge were laid in Parliament by Michelle Donelan, the minister for science, innovation and technology, on Thursday 21 September, three days after US attorney general Merrick Garland signed off on the UK’s status as a “qualifying state” under Executive Order 14086. *** *[continue reading on the source web page]*
time.com
On 16th July 1945 the world changed forever. The Manhattan Project’s ‘Trinity’ test, directed by Robert Oppenheimer, endowed humanity for the first time with the ability to wipe itself out: an atomic bomb had been successfully detonated 210 miles south of Los Alamos, New Mexico. *** *[continue reading on the source web page]*
ec.europa.eu
Today, the European Chips Act enters into force. It puts in place a comprehensive set of measures to ensure the EU's security of supply, resilience and technological leadership in semiconductor technologies and applications. Semiconductors are the essential building blocks of digital and digitised products. From smartphones and cars, through critical applications and infrastructures for healthcare, energy, defence, communications and industrial automation, semiconductors are central to the modern digital economy. They are also at the centre of strong geostrategic interests and the global technological race. *** *[continue reading on the source web page]*
ec.europa.eu
Why a European Chips Act? Semiconductor chips are the essential building blocks of digital and digitised products. From smartphones and cars, through critical applications and infrastructures for healthcare, energy, communications and industrial automation, chips are central to the modern digital economy. The COVID-19 pandemic has exposed a weakness in the ecosystem within both Europe and other regions in the world experiencing significant shortages of chips. EU industries manufacture many types of high-tech products, of which chips are essential parts. *** *[continue reading on the source web page]*
Brussels, 21 September - The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) adopted a Joint Opinion on the European Commission’s Proposal for a Regulation on additional procedural rules for the enforcement of the GDPR. This proposal aims to ensure the timely completion of investigations and the delivery of swift remedies for individuals in cross-border cases, by harmonising a number of procedural differences across the EU and streamlining the cross-border cooperation procedure. The proposal follows a wish list sent by the EDPB to the European Commission in October 2022. *** *[continue reading on the source web page]*
Brussels, 15 September – Following the EDPB’s binding dispute resolution decision, the Irish Data Protection Authority (IE DPA) has issued a final decision, finding, in particular, that TikTok Technology Limited (TikTok) infringed the GDPR's principle of fairness when processing personal data relating to children between the ages of 13 and 17. The EDPB's decision was issued on 2 August 2023 and covers TikTok's processing activities between 31 July and 31 December 2020. *** *[continue reading on the source web page]*
arstechnica.com
On Thursday, Microsoft announced that it will provide legal protection for customers who are sued for copyright infringement over content generated by the company's AI systems. This new policy, called the Copilot Copyright Commitment, is an expansion of Microsoft's existing intellectual property indemnification coverage, Reuters reports. *** *[continue reading on the source web page]*
www.wired.com
THE US GOVERNMENT should create a new body to regulate artificial intelligence—and restrict work on language models like OpenAI’s GPT-4 to companies granted licenses to do so. That’s the recommendation of a bipartisan duo of senators, Democrat Richard Blumenthal and Republican Josh Hawley, who launched a legislative framework yesterday to serve as a blueprint for future laws and influence other bills before Congress. *** *[continue reading on the source web page]*
www.gov.ca.gov
Published: Sep 06, 2023 WHAT YOU NEED TO KNOW: California is the global hub for generative artificial intelligence (GenAI) – we are the natural leader in this emerging field of technology – tools that could very well change the world. To capture its benefits for the good of society, but also to protect against its potential harms, Governor Newsom issued an executive order today laying out how California’s measured approach will focus on shaping the future of ethical, transparent, and trustworthy AI, while remaining the world’s AI leader. *** *[continue reading on the source web page]*
edps.europa.eu
On 10 of July 2023, the European Commission issued the Proposal for a Regulation of the European Parliament and of the Council amending Regulation (EC) No 223/2009 on European statistics (‘the Proposal’). *** *[continue reading on the source web page]*
ec.europa.eu
The European Commission has today designated, for the first time, six **gatekeepers - Alphabet, Amazon, Apple, ByteDance, Meta, Microsoft** - under the Digital Markets Act (DMA). In total, 22 core platform services provided by gatekeepers have been designated. The six gatekeepers will now have six months to ensure full compliance with the DMA obligations for each of their designated core platform services. *** *[continue reading on the source web page]*
edps.europa.eu
The EDPS published two Opinions: one on the proposal for a Regulation on a Financial Data Access Framework and one on the proposal for a Regulation and Directive on payment services in the EU’s internal market. Both proposals aim to foster the sharing of data to broaden the offer of financial services and products, whilst providing individuals or organisations control over the processing of their financial data. *** *[continue reading on the source web page]*
www.redhotcyber.com
L’intelligenza artificiale (IA) continua a trovare successo in una vasta gamma di settori, questo trionfo è direttamente collegato alla necessità imperativa di garantirne la sicurezza. L’Adversarial Machine Learning (ML) è un insieme di tecniche che gli avversari utilizzano per attaccare i sistemi di apprendimento automatico. Conoscere questa disciplina è fondamentale per comprendere e valutare i potenziali rischi a cui i sistemi di IA sono sottoposti da azioni avverse di attaccanti malintenzionati. *** *[continua a leggere sulla pagina web della fonte]*
www.dataprotection.ie
On 21 June 2023, following an inquiry concerning a complaint received against Airbnb Ireland UC (Airbnb), the Data Protection Commission (DPC) adopted a decision. The DPC commenced this inquiry on 4 March 2022, on foot of a complaint that Airbnb had unlawfully requested a copy of the complainant’s ID (ID) in order to verify their identity which had not been previously requested by Airbnb. The complainant further contended that this went against the principles of data minimisation and that Airbnb had also failed to comply with the principles of transparency and provision of information. Initial attempts by the complainant to verify their identity had been rejected by Airbnb as the ID provided did not meet their criteria. Ultimately the complainant verified their identity. *** *[continue reading on the source web page]*