Data is typically added to an AI to explain a problem, situation, or request (“input data”). Some popular AI models refer to input data by the term “prompt” as the user is prompting the AI to initiate an action, or to create additional information. Prompts can take different forms such as text prompts or image
personal information
Under the GDPR, does a company that uses personal information to train an AI need to allow individuals to request that their information be removed from the training data?
The GDPR allows individuals to request that their information be deleted in the following situations:[1]
- Companies must delete data upon request if the data was processed based solely on consent. The GDPR recognizes that companies may process data based on six alternate lawful grounds.[2] One of these is where a person has given
Managing Personal Information Roles in the Franchise Relationship: New Privacy Laws Mean Ensuring the Right Processing Roles Is More Important than Ever
Personal information in the franchise relationship is an asset now more than ever. Whether the personal information is customer data, employee data, device data, loyalty, and rewards data, or otherwise, and regardless of the method of collecting the data, managing such personal information once collected is a crucial part of the franchise relationship.
Under the GDPR, does a company that uses personal information to train an AI need to allow individuals to request that their information be removed from the training data?
Europe’s General Data Protection Regulation (GDPR) allows individuals to request that their information be deleted in the following situations:[1]
- Companies must delete data upon request if the data was processed based solely on consent. The GDPR recognizes that companies may process data based on six alternate lawful grounds.[2] One of these is where
Under the GDPR, what lawful purposes can a company rely upon when using personal information to train an AI?
Data typically is needed to train and fine-tune modern artificial intelligence models. AI can use data – including personal information – in order to recognize patterns and predict results.
The EU’s General Data Protection Regulation (GDPR) permits controllers to process personal information if one (or more) of the following six lawful processing purposes applies:[1]…
What GDPR requirements does a company that uses personal information to train an artificial intelligence (AI) need to meet?
Data typically is needed to train and fine-tune modern artificial intelligence models. AI can use data – including personal information – to recognize patterns and predict results.
Companies that utilize personal information to train an AI may either be acting as a controller or a processor depending on the degree of discretion that they exercise…
Under the GDPR, are companies that utilize personal information to train artificial intelligence (AI) controllers or processors?
The EU’s General Data Protection Regulation (GDPR) applies to two types of entities – “controllers” and “processors.”
A “controller” refers to an entity that “determines the purposes and means” of how personal information will be processed.[1] Determining the “means” of processing refers to deciding “how” information will be processed.[2] That does not necessitate…
June 28 Webinar | Personal Information in the Franchise Relationship
Greenberg Traurig Shareholders Breton H. Permesly and Tyler J. Thompson will present the CLE webinar, “Personal Information in the Franchise Relationship,” on Wednesday, June 28 at 12:30 pm EDT. As privacy laws proliferate around the world while the value of customer personal information simultaneously increases, data has never been riskier or had…
Finding the Delta: Understanding the Differences in How State Privacy Laws Define Corporate Affiliates
All modern privacy statutes regulate when personal information can be shared with third parties, whether those third parties are service providers, vendors, contractors, or business partners. Most modern privacy statutes recognize, however, that privacy risks are reduced when the third party is related to the organization from which the data originates. As the following chart…
Quebec’s New Privacy Law 25: Is There a Nonprofit Exception?
In September 2021, Quebec’s Parliament updated its data privacy regime by passing the Act to Modernize Legislative Provisions as Regards the Protection of Personal Information, 2021 (“Law 25”). It is critical to determine whether an organization is subject to Law 25, as there are potential fines of up to 4% of an organization’s worldwide turnover.…