European Data Protection Supervisor’s guidelines for protecting privacy from AI

Brussels – Seizing the opportunities of generative artificial intelligence while reaffirming the security of individuals as the cornerstone: The European Data Protection Supervisor (EDPS) published today (June 3) a document that shares the guidelines for data processing and protection.

The addressees are the institutions, bodies, offices, and agencies of the European Union.

With this tool, the Supervisor has expressed the basic principles of data protection by combining them with concrete examples, such as some suggestions for preventing risks. The guidelines focus on a number of precise directions: a checklist for European bodies so they can understand whether the use of artificial intelligence involves processing people’s data, cases in which to conduct a data protection impact assessment, and other essential recommendations. With this document, the EGPD highlighted the challenges and opportunities of generative artificial intelligence systems and tools.

Wojciech Wiewiórowski, European Data Protection Supervisor, commented on the guidelines, “They are a first step toward broader recommendations in response to the evolving landscape of generative artificial intelligence tools.” Wiewiórowski was keen to point out that protecting people’s privacy even within European institutions is a key step: “The opinion published today is drafted to cover as many scenarios involving the use of generative artificial intelligence as possible.”

The EGDP is an independent data protection authority for the IEUs so that their actions comply with EU data protection regulations, particularly the EU Regulation 2018/1725. The European Supervisor is also working on publishing a strategy regarding EU oversight in the development of artificial intelligence.