Kathrin Gardhouse

There are two types of fines under the GDPR with different monetary thresholds. The first are administrative fines under Art. 83(4) for less severe violations of specific sections limited to € 10 million or 2% of annual turnover for organizations. The second are administrative fines under Art. 83(5) for up to € 20 million or … Read more

The revised Data Protection Act (DPA) in Switzerland is set to come into effect on September 1, 2023. The aim of the new law is to ensure that Switzerland maintains an adequate level of data protection according to the European Union (EU) standards, enabling the transfer of personal data across borders without additional measures. This … Read more

India’s Digital Personal Data Protection Bill, 2023, a landmark legislation that aims to protect the privacy rights of Indian citizens in the digital age, received presidential assent on August 12, 2023. The bill has been in the works for years and has gone through several iterations and consultations before reaching its final form. But what … Read more

When organizations think about how to collect, use, and disclose personal data in compliance with privacy laws, the first thing that usually comes to mind is that consent must be obtained. The consent requirement comes with its own complexities under the privacy laws of recent years. Yet, while there are alternatives to consent as the … Read more

New Zealand updated its data protection law with the Privacy Act 2020, which came into force on December 1, 2020. This law replaces the Privacy Act 1993 and introduces some significant changes to align with international standards and best practices. In this blog post, we will explore some of the key features of the Privacy … Read more

Australia has been considering a reform of its 1988 Privacy Act for several years now. While important amendments have been introduced since, such as the Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022 which implemented increased fines for serious privacy breaches and enhanced enforcement powers for the Australian Privacy Regulator (Office of the Australian … Read more

With OpenAI’s and Azure OpenAI’s API offerings, businesses are enabled to develop their own applications on top of the powerful large language models (LLMs) underlying ChatGPT, Whisper, and OpenAI’s other models. Close to a thousand commercial applications already exist that make use of OpenAI’s foundation models, including our own PrivateGPT which acts as the privacy … Read more

The rapid advancement of generative artificial intelligence (AI) has raised intriguing questions about the copyrightability of AI-generated output. As AI systems become increasingly capable of producing what we would commonly consider original creative works, it becomes essential to examine the copyright implications and ask ourselves who, if anyone, can claim copyright to the output of … Read more

If you are building or thinking about using an application based on OpenAI’s ChatGPT or another large language model (LLM) which will collect or otherwise access health information, you may have to comply with some of the strictest data protection laws currently in force. If your business offers its services in the US, this Mobile … Read more