Artificial Intelligence Act: GDPR Compliance

EU Parliament amends the AI Act, including AI rules and Union Legislative Acts changes. A key proposal removes GDPR as a basis for AI data processing. It also introduces representation rights for public bodies in AI-related complaints, and a right to explanation for all impacted by AI decisions.

Artificial Intelligence Act: GDPR Compliance Updates
EU GDPR Amendments

GDPR Amendments Proposed for the Artificial Intelligence Act

Source: European Parliament Keywords gdpr AI

The European Parliament has proposed amendments to the Artificial Intelligence Act (AIA) that includes harmonised rules on Artificial Intelligence (AI) and amends certain Union Legislative Acts. These amendments aim to strengthen the protection of individuals' rights and promote better AI literacy among citizens and consumers.




GDPR Amendments: The Future of AI

The proposed amendments have specific implications for financial institutions involved in the development, deployment, or use of AI systems.

  1. First amendment: One of the amendments deletes the General Data Protection Regulation (GDPR) as a legal basis for personal data processing in AI systems. This change would require financial institutions to adapt their data processing practices to comply with the new rules regarding AI and personal data.
  2. Second amendment: Another amendment grants public interest organizations the right to lodge complaints with national supervisory authorities on behalf of individuals who believe their rights have been infringed by an AI system. This provision increases the likelihood of regulatory scrutiny and investigations for financial institutions utilizing AI systems. To stay compliant, financial institutions would need to ensure that their AI systems respect the rights of individuals and address any potential infringements.
  3. Third amendment: This amendment introduces a right to explanation for individuals affected by decisions made by AI systems, irrespective of whether the system is classified as high risk. Financial institutions would be required to provide clear and understandable explanations for their AI-driven decisions to individuals. This may necessitate additional resources and transparency efforts to ensure compliance with the right to explanation.

To mitigate the potential impact of these amendments, financial institutions should undertake certain efforts. They should review their AI systems' data processing practices to identify alternative legal bases for processing personal data in compliance with the new rules. Furthermore, financial institutions need to assess and enhance their AI systems to minimize the risk of rights infringements. They should establish mechanisms to address complaints from public interest organizations and ensure effective communication with national supervisory authorities.

In summary, the proposed amendments to the Artificial Intelligence Act in the European Union have significant implications for financial institutions involved in AI systems. These amendments necessitate adjustments to data processing practices, increased compliance efforts, and the provision of clear explanations to individuals affected by AI-driven decisions. Financial institutions should closely monitor the legislative process and take proactive measures to ensure compliance with the new regulatory framework.




Read More

AI Act: a step closer to the first rules on Artificial Intelligence | News | European Parliament
To ensure a human-centric and ethical development of Artificial Intelligence (AI) in Europe, MEPs endorsed new transparency and risk-management rules for AI systems.




Grand is live 🎈, check out our GPT4 powered GRC Platform

Reduce your
compliance risks