WilmerHale’s Guide to AI and GDPR

WilmerHale’s Guide to AI and GDPR

Publication

The rise of AI and its widespread availability offer significant growth opportunities for businesses. However, companies developing and using AI must implement robust governance frameworks to ensure compliance with regulatory requirements, especially under the EU AI Act and the EU GDPR.

The GDPR—the European Union's key data protection regulation—is particularly salient, because AI is frequently trained to identify patterns and relationships in large volumes of personal data. Additional personal data is often gathered during deployment and incorporated into AI to assist with individual decision-making. GDPR compliance therefore must be a key consideration throughout the AI development lifecycle, starting from the very first stages.

What You Will Find in This Guide

WilmerHale’s Guide to AI and GDPR lays out the GDPR requirements that must be addressed at each stage of the AI development lifecycle—from planning to design, development, and deployment—and when using AI. It discusses the technical and organizational measures, data protection principles, and safeguards businesses should aim to implement to ensure GDPR compliance and protect individuals’ data protection rights.

Authors

Notice

Unless you are an existing client, before communicating with WilmerHale by e-mail (or otherwise), please read the Disclaimer referenced by this link. (The Disclaimer is also accessible from the opening of this website). As noted therein, until you have received from us a written statement that we represent you in a particular manner (an "engagement letter") you should not send to us any confidential information about any such matter. After we have undertaken representation of you concerning a matter, you will be our client, and we may thereafter exchange confidential information freely.

Thank you for your interest in WilmerHale.