The Do’s and Don’ts of DSARs: A Practical Guide for Responding to Data Subject Access Requests
Handling data subject access requests (DSARs) isn’t as easy as ticking a compliance checkbox. It can be a test of an entity’s data organization, internal communication, and understanding of legal requirements. Between navigating jurisdictional nuances and meeting strict deadlines, the DSAR response process can quickly unravel without a clear plan. In this guide, we suggest […]
EDPB Opinion on AI Models and GDPR Principles: Key Takeaways
In December 2024, the European Data Protection Board (EDPB) issued an Opinion in response to a request from the Irish supervisory authority, focusing on the application of GDPR principles in the context of AI models. The Irish supervisory authority posed three specific questions: When and how can an AI model be considered “anonymous”? What is […]
Upcoming Webinar: The EU AI Act: How Will It Affect Your Business?
On Thursday, December 12, 2024 at 11am ET, DataCamp will host a live webinar titled “The EU AI Act: How Will It Affect Your Business?” The speakers are Dan Nechita, Lead Technical Negotiator for the EU AI Act on behalf of the European Parliament, and Lily Li, Data Privacy, Cybersecurity & AI Lawyer and Founder […]
Comparing EU and US AI legislation: déjà vu to 2020
This article was initially published in Reuters and Thomson Reuters Westlaw Today. Lily Li of Metaverse Law discusses the landscape for AI legislation, with the passage of the European Union’s AI Act while states pass AI bills with differing thresholds, coverage and subject matter. The landscape for EU and US AI legislation feels […]
Metaverse Law Presents at #RISK DIGITAL UK/EU
Metaverse Law’s Lily Li recently spoke at the #Risk Digital UK/EU global livestream last week for two sessions: “A New Era of AI Governance” and “The Role of Technology in Modern Governance, Risk and Compliance.” Lily’s presentations included an overview about artificial intelligence risks and discussed the latest developments in European Union and United States […]
Uber Fined $324 Million for Data Transfer Violations
What Happened? On Monday, the Dutch Data Protection Authority (DPA) found that Uber will be fined over $324 million for violating a European Union data privacy law.[1] The Dutch DPA stated that Uber transferred personal data about its drivers to the United States without appropriate safeguards, violating the GDPR.[2] According to the decision, transfer tools […]
