Data is typically added to an AI to explain a problem, situation, or request (“input data”). Some popular AI models refer to input data by the term “prompt” as the user is prompting the AI to initiate an action, or to create additional information. Prompts can take different forms such as text prompts or image

The GDPR allows individuals to request that their information be deleted in the following situations:[1]

  • Companies must delete data upon request if the data was processed based solely on consent. The GDPR recognizes that companies may process data based on six alternate lawful grounds.[2] One of these is where a person has given

Personal information in the franchise relationship is an asset now more than ever. Whether the personal information is customer data, employee data, device data, loyalty, and rewards data, or otherwise, and regardless of the method of collecting the data, managing such personal information once collected is a crucial part of the franchise relationship.

Click here

Europe’s General Data Protection Regulation (GDPR) allows individuals to request that their information be deleted in the following situations:[1]

  1. Companies must delete data upon request if the data was processed based solely on consent. The GDPR recognizes that companies may process data based on six alternate lawful grounds.[2] One of these is where

Data typically is needed to train and fine-tune modern artificial intelligence models. AI can use data – including personal information – in order to recognize patterns and predict results.

The EU’s General Data Protection Regulation (GDPR) permits controllers to process personal information if one (or more) of the following six lawful processing purposes applies:[1]

Data typically is needed to train and fine-tune modern artificial intelligence models. AI can use data – including personal information – to recognize patterns and predict results.

Companies that utilize personal information to train an AI may either be acting as a controller or a processor depending on the degree of discretion that they exercise

The EU’s General Data Protection Regulation (GDPR) applies to two types of entities – “controllers” and “processors.” 

A “controller” refers to an entity that “determines the purposes and means” of how personal information will be processed.[1] Determining the “means” of processing refers to deciding “how” information will be processed.[2] That does not necessitate

Greenberg Traurig Shareholders Breton H. Permesly and Tyler J. Thompson will present the CLE webinar, “Personal Information in the Franchise Relationship,” on Wednesday, June 28 at 12:30 pm EDT. As privacy laws proliferate around the world while the value of customer personal information simultaneously increases, data has never been riskier or had

All modern privacy statutes regulate when personal information can be shared with third parties, whether those third parties are service providers, vendors, contractors, or business partners. Most modern privacy statutes recognize, however, that privacy risks are reduced when the third party is related to the organization from which the data originates. As the following chart

In September 2021, Quebec’s Parliament updated its data privacy regime by passing the Act to Modernize Legislative Provisions as Regards the Protection of Personal Information, 2021 (“Law 25”). It is critical to determine whether an organization is subject to Law 25, as there are potential fines of up to 4% of an organization’s worldwide turnover.