Automated decision-making is changing how organisations operate, from loan approvals and insurance claims to recruitment and healthcare diagnostics. However, the use of automated systems raises... The post Automated Decision Making: Overview of GDPR Article 22 appeared first on GDPR Local.| GDPR Local
Using AI to make important decisions about individuals carries a risk of bias, especially for underwriting, credit, employment, and educational admission decisions. In this Debevoise Data Blog post, we discuss how a recent settlement by the Massachusetts Attorney General’s Office highlights the risks that can arise in AI-powered lending decisions and ways to reduce those [...]| Debevoise Data Blog
In Part 1 of this series, we discussed the annual cybersecurity audit requirements in the proposed rulemaking package (the “Draft Regulations”) of the California Privacy Protection Agency (the “CPPA”). In this Part 2, we discuss the Draft Regulations’ provisions on Automated Decision-Making Technology (“ADMT”). Most notably, the Draft Regulations’ definition of ADMT is more expansive [...]| Debevoise Data Blog
As we approach the end of the year, here are the Top 11 Artificial Intelligence (“AI”) posts on the Debevoise Data Blog in 2024 by page views. If you are not already a Blog subscriber, click here to sign up. Good AI Vendor Risk Management Is Hard, But Doable (September 26, 2024) As companies slowly [...]| Debevoise Data Blog
Our top five European data protection developments from July are: EU AI guidance: Businesses should consider reviewing their AI policies and practices following guidance from the French CNIL and the Irish DPC recommending that businesses conduct AI risk assessments and prepare AI policies and procedures, alongside the EDPB’s statement supporting the appointment of DPAs as [...]| Debevoise Data Blog
On July 29, 2024, the Standing Committee on Ethics and Professional Responsibility of the American Bar Association (“ABA”) published Formal Opinion 512, providing guidance on the ethical use of generative AI tools by legal professionals (the “Opinion”). The Opinion is the latest of several similar ethical guidelines published by various state courts and bar ethics [...]| Debevoise Data Blog
Our top five European data protection developments from June are: Non-material damage under GDPR: The CJEU clarified the scope of compensation for non-material damage in the context of identity theft and data subjects’ fear that their personal data had been exposed. Businesses may wish to review their policies and procedures for responding to compensation requests [...]| Debevoise Data Blog
Our top five European data protection developments from May are: UK guidance on ransom payments: The UK NCSC and various insurance industry bodies co-published guidance on key considerations for ransomware payments. The guidance does not introduce new restrictions or obligations, and is consistent with prior industry standards, as well as UK NCSC and UK ICO [...]| Debevoise Data Blog
In recent years, automated decision-making (ADM) has become increasingly common,[1] impacting various sectors such as finance, justice, and social services. From the credit industry, where ADM is used to determine loan eligibility, to public administration, which uses it to assess asylum requests,[2] ADM systems offer undeniable benefits in efficiency, speed, and scalability. However, the growingRead More| MediaLaws