Privacy

The European Data Protection Board (EDPB) has recently provided critical guidance on ensuring GDPR compliance during the development and deployment of AI models. Opinion 28/2024 addresses core data protection issues, such as the use of personal data in AI model training, legal bases for processing, and the impact of unlawful data processing on the deployment … Read more

Artificial intelligence and large language models (LLMs) are transforming the way we work, and the boundaries of data privacy are being tested like never before. While most organizations have measures in place to secure their proprietary algorithms and internal data repositories, there’s a growing challenge that can’t be overlooked: the uncontrolled sharing of Confidential Company … Read more

The US insurance industry operates under a complex landscape of privacy laws and regulations designed to protect consumers’ personal information. At the heart of this regulatory framework are standards developed by the National Association of Insurance Commissioners (NAIC), alongside federal and state laws like the Gramm-Leach-Bliley Act (GLBA). Key NAIC model laws addressing privacy in … Read more

The Belgium Data Protection Authority’s recent report, Artificial Intelligence Systems and the GDPR: A Data Protection Perspective, is a timely analysis exploring the interplay of the General Data Protection Regulation (GDPR) and the EU Artificial Intelligence (AI) Act. It seeks to provide insights into where the EU AI Act adds additional compliance requirements to aspects … Read more

Quebec’s new Act Respecting Health and Social Services Information (ARHSSI) introduces a notable tightening of data privacy requirements within the province, with a distinct emphasis on safeguarding health and social services information.  The Act mandates that all information held by certain public bodies and potentially entrusted to third parties must remain confidential unless explicitly authorized … Read more

In the fast-evolving world of AI, where data is at the core of decision-making, one challenge remains constant: ensuring appropriate privacy and protection of an individual’s and an organization’s data. That’s why, in May 2023, we introduced PrivateGPT, a solution that securely redacts PII from user prompts before sending them to an LLM. Now, with … Read more

We previously wrote about Unlocking Compliance with the Japanese Data Privacy Act (APPI) using Private AI and are now following up with an assessment of the Interim Report on Considerations for the Triennial Review of the Act on Protection of Personal Information (Interim Report). This Interim Report results from a review of APPI, which the … Read more

Thailand’s Personal Data Protection Act (PDPA) was signed into law in 2019 and came into force in mid 2022. It is in many ways inspired by Europe’s General Data Protection Regulation (GDPR) but with some notable differences, e.g., potential prison time for violations in addition to criminal and administrative fines and a greater social good … Read more

The Office of the Superintendent of Financial Institutions (OSFI) has set forth guidelines to ensure that Federally Regulated Financial Institutions (FIs) maintain robust data security, risk management, and operational resilience. Private AI’s advanced machine learning and natural language processing technologies provide helpful tools that can help FRFIs meet these requirements efficiently and effectively. Since the … Read more

For the longest time, the US was one notable outlier in the global trend of developing federal-level comprehensive privacy laws. The nation, (in)famous for its patchworked approach to privacy with many sector-specific and 15 (soon to be 17) states laws that cover privacy protection comprehensively, is now (once again) close to joining the other 137 … Read more