The EU AI Act’s prohibitions came into effect on 2 February 2025 and carry fines of 7% worldwide annual turnover for non-compliance. The prohibitions at Article 5 and accompanying recitals (particularly recitals 28-44) set out a complex set of provisions. The guidelines published by the Commission on 4 February 2025 (the guidelines) were welcome for…

Happy February 20th and Information Governance Day! Today is an opportunity to reflect on the evolution of information governance and, more importantly, its future. In our view, information governance is in its ascendency and is only becoming more and more important to our clients.

We have been providing legal advice on information governance (IG) to…

On 5 February 2025, the Advocate General of the Court of Justice of the European Union (CJEU) issued its opinion in the case of C 413/23 P European Data Protection Supervisor (EDPS) v Single Resolution Board (SRB) (Opinion). The Opinion takes the view that personal data which has been pseudonymised and shared with a third-party…

On December 5, 2024, the Canadian Securities Administrators (CSA) released CSA Staff Notice and Consultation 11-348 – Applicability of Canadian Securities Laws and the Use of Artificial Intelligence Systems in Capital Markets (the Notice). The Notice was issued in light of the continued growth in the use of artificial intelligence (AI) systems in capital markets,…

The final days of 2024 were very eventful in the world of AI and data protection: the European Data Protection Board (EDPB) published its Article 64 General Data Protection Regulation (GDPR) opinion on training AI models using personal data (the EDPB Opinion). Two days later, the Italian Garante per la Protezione dei Dati Personali (Garante)…