digital economy regulation

This flash examines contrasting perspectives on the potential impact of the ongoing reform of the UK data protection regime on the EU adequacy decision for the UK, which is the legal basis for the free flow of personal data. Unlike members of the European Parliament, UK Information Commissioner John Edwards expressed confidence that the UK will uphold the same level of data protection.

Generative artificial intelligence (AI) systems (such as ChatGPT) were explicitly included within the scope of the joint roadmap on AI, already announced in December 2022. In addition, the EU-US Trade and Technology Council issued a preliminary list with 65 terms essential to understanding risk-based approaches to AI, which would be further consulted with stakeholders.

The Court of Justice of the EU ruled that the right to obtain a “copy” of personal data means that data subjects must be provided with a “faithful and intelligible reproduction” of all their personal data. Providing a mere summary of the data that a data controller has in its possession is not sufficient.

The forum provided an update of the candidate EU 5G cybersecurity certification scheme and it launched ENISA’s 5G security controls matrix. Further, the forum also touched upon security concerns of telecoms operators in relation to supply chain and cyber threat intelligence.

At a conference organised by the EU cybersecurity agency, ENISA, stakeholders noted the increasing role that cybersecurity and cybersecurity certification play in recent EU digital regulation.

This week’s edition features stories about the record fine on Meta imposed by the Irish data protection authority following a binding decision by the European Data Protection Board (EDPB); a new EDPB chair elected for a five-year term; new EDPB guidelines on the right of access to personal data; as well as a conference on EU consumer protection rules. It also lists events taking place this week.