Data protection and digital competition
by Ian Brown and Douwe Korff
Prof. David Erdos has shared his latest (excellent) research showing i) little UK GDPR enforcement, ii) a worrying gap with formal law expectations & iii) limited accountability for this. I hope the European Commission is not going down the same route with the Digital Markets Act.
Continue reading
Forthcoming reports for the EU by two former Italian prime ministers, “Super” Mario Draghi and Enrico Letta, are likely to be very influential on the next European Commission and Parliament. Here are some potentially far-reaching tech regulation-related comments they’ve made so far.
Continue reading
As well as the Belgian Data Protection Authority decision I criticised earlier this week, it appears the French DPA has issued similar guidance on the use of personal data to train AI models. My detailed analysis below shows that, in relation to purpose-specific AI systems, it makes no sense: the training of the system cannot be separated from the ultimate purpose of the system. This has a major bearing on the issue of compatibility.
Continue reading
On 15 March, the Belgian Data Protection Authority issued a decision under the GDPR on the use, by a bank, of the transaction data of its customers to build direct marketing data models. This analysis shows why that decision was fundamentally flawed.
Continue reading
Cristina Caffarra’s annual competition-fest today in Brussels was as speaker- and content-packed as ever. As well as much discussion of the eagerly anticipated deadline for Digital Markets Act compliance in five weeks, it was a fascinating look beyond narrow antitrust policy to competition policy linkages with industrial and trade policy (with lots of AI on the side).
Continue reading
On 17 October 2023, the UK First-Tier Tribunal held the use of the surveillance system offered by the US company Clearview by non-UK law enforcement and intelligence agencies constituted “an activity which, immediately before [Brexit] completion day, fell outside the scope of EU law”, and hence the GDPR. In this brief analysis, I look at why the Tribunal came to this conclusion, and show it is fundamentally flawed.
Continue reading
The European Data Protection Supervisor Opinion is a well-meant but ultimately futile and doomed attempt to put parts of a thing – the Commission’s proposed framework for financial data sharing – into a box – the General Data Protection Regulation (GDPR) – from which it is designed to escape.
Continue reading
This is often a critique of data protection as a mechanism for AI regulation. But especially when combined with human rights and specific anti-discrimination law, how much of a gap does that leave?
Continue reading
The new US Executive Order does not change the fact the US authorities insist on carrying out indiscriminate, untargeted mass surveillance, also of EU persons and EU governmental and non-governmental entities, by means of bulk collection of data, without independent substantive judicial oversight or effective redress.
Continue reading
Elon Musk’s takeover of Twitter is providing a great large-scale natural experiment on a number of aspects of interoperability, as tens of thousands of users at least partially switch to alternative services, particularly in the interoperable Fediverse. Can we turn the migration into a stampede?
Continue reading
Recent Comments