Four years of GDPR: New tech testing data privacy law’s longevity?
PA’s Sharad Patel, a GDPR expert, comments on the four year anniversary of the General Data Protection Regulation (GDPR) and whether it is being outpaced by technological developments and their use of data.
The article looks at how data protection authorities (DPAs) broadly believe that the regulation’s underlying principles of lawfulness, fairness, and transparency make it “future-proof” to cover developments in artificial intelligence (AI), machine learning, cloud computing, and data.
The article goes on to explore how DPAs are trying to resolve conflicts between the GDPR and tech development and use. Commenting on this Sharad says: “To avoid violating the GDPR when using technologies such as biometrics, AI, and machine learning, companies need to improve their awareness of regulatory enforcement trends by continuously horizon scanning, understanding what new regulations, guidance, and fines have been published by the regulators in the geographies they operate and process data in and understanding the impact on their own organisations.”
He adds: “Compliance departments need to be aware of the technologies being used across their organizations, as sometimes new AI technologies are deployed and implemented without their knowledge. It is also important to review privacy frameworks on a regular basis (once every six months) and expand them to include items such as data ethics and fair use of AI policies and guidance.”
Commenting further he says: “It is important all business units are made aware of privacy risks in using new technologies and provided specific guidance to avoid them before any new systems are deployed.”