AI and GDPR Guidelines

A recent study by ETH Zurich and Anthropic revealed that AI can be used to identify pseudonymous online users at scale.

I questioned the EDPB on it’s implications and the upcoming European GDPR guidelines and how they will be implemented across the member states.

AI Omnibus puts end to ‘Nudifiers’
We reached a deal on the AI Act Omnibus. After months of intensive negotiations, I am genuinely relieved and proud of what we have achieved.

The European Union now has its first ever ban on nudification applications. AI systems that generate non-consensual intimate imagery of real people – that strip women naked without their consent, that produce child sexual abuse material, are prohibited under EU law. The European Parliament had a chance to act on a harm that is being industrialised by AI, and we took it.

We secured a stop-the-clock compliance mechanism, giving companies the additional time they need to meet their obligations. We also secured meaningful simplification measures -cutting unnecessary red tape and duplicative compliance burdens, particularly for smaller businesses and SMEs.

And this is on top of protections we fought to ensure remain firmly within the AI Act – mandatory registration of high-risk AI systems, and stronger safeguards for bias detection. These were hard-won in the original Act. We were not prepared to see them traded away in an Omnibus process, and they were not.