Adoption of AI, Blockchain and other emerging technologies within the European public sector A Public Sector Tech Watch report by EU Commission

AI, Public Interests

Decision of 19 October 2010 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection of personal data in Andorra

Adequacy Decisions

Decision of 30 June 2003 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection of personal data in Argentina

Adequacy Decisions

Decision of 20 December 2001 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection of personal data provided by the Canadian Personal Information Protection and Electronic Documents Act

Adequacy Decisions

Decision of 5 March 2010 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection provided by the Faeroese Act on processing of personal data

Adequacy Decisions

Decision of 21 November 2003 on the adequate protection of personal data in Guernsey

Adequacy Decisions

Decision of 31 January 2011 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection of personal data by the State of Israel with regard to automated processing of personal data

Adequacy Decisions

Decision of 28 April 2004 on the adequate protection of personal data in the Isle of Man

Adequacy Decisions

Decision (EU) 2019/419 of 23 January 2019 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate protection of personal data by Japan under the Act on the Protection of Personal Information

Adequacy Decisions

Decision of 8 May 2008 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection of personal data in Jersey

Adequacy Decisions

Decision of 19 December 2012 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection of personal data by New Zealand

Adequacy Decisions

Decision (EU) 2022/254 of 17 December 2021 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate protection of personal data by the Republic of Korea under the Personal Information Protection Act

Adequacy Decisions

Decision of 26 July 2000 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection of personal data provided in Switzerland

Adequacy Decisions

Decision (EU) 2021/1772 of 28 June 2021 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate protection of personal data by the United Kingdom (notified under document C(2021)4800)

Adequacy Decisions

Decision (EU) 2021/1773 of 28 June 2021 pursuant to Directive (EU) 2016/680 of the European Parliament and of the Council on the adequate protection of personal data by the United Kingdom

Adequacy Decisions

Decision EU 2023/1795 of 10 July 2023 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate level of protection of personal data under the EU-US Data Privacy Framework

Adequacy Decisions

Decision pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection of personal data by the Eastern Republic of Uruguay with regard to automated processing of personal data

Adequacy Decisions

Decision pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection of personal data by the Eastern Republic of Uruguay with regard to automated processing of personal data

Adequacy Decisions

Decision pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection of personal data by the Eastern Republic of Uruguay with regard to automated processing of personal data

Adequacy Decisions

Assessing Potential Future AI Risks, Benefits, and Policy Imperatives OECD

AI, Risk Management, Technical and Organisational Measures (TOMs)

Reducing Risks Posed by Synthetic Content by NIST

AI, Risk Management, Technical and Organisational Measures (TOMs)

First Draft General-Purpose AI Code of Practice by EU Commission

AI

Mobile Applications recommendations for better privacy protection by CNIL (french)

Product Privacy Design

The Consumer Financial Protection Bureau (CFPB) by Consumer Financial Protection Bureau WASHINGTON, D.C

Finance and Fintech

EDPB Report on the first review of the European Commission Implementing Decision on the adequate protection of personal data under the EU-US Data Privacy Framework

GDPR in Practice – Experience of Data Protection Authorities by FRA

Supervisory Authorities

Recommendations for the use of AI coding assistants by ANSSI and BSI

AI, Specific processing situations

Manipulative, Deceptive, and Exploitative AI Systems report by the Dutch DPA

AI, Lawfulness of Processing, Specific processing situations

Secure Future Initiative Report by Microsoft

Technical and Organisational Measures (TOMs)

“AI & Algorithmic Risks Report” by Dutch Data Protection Authority

AI, Risk Management, Specific processing situations

MITIGATING SECURITY & PRIVACY RISKS by Data Security Council of India

Technical and Organisational Measures (TOMs)

Recommendation on mobile applications or apps by the French DPA

Lawfulness of Processing, Specific processing situations

Report of the work undertaken by the ChatGPT Taskforce by EDPB

AI, Specific processing situations

Recommendation 01/2019 on the draft list of the European Data Protection Supervisor regarding the processing operations subject to the requirement of a data protection impact assessment (Article 39.4 of Regulation (EU) 2018/1725) |EPDB

Controllers and Processors, Data Protection Impact Assessment (DPIA)

Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules (Art. 47 GDPR) |EPDB

Data Transfers

Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data |Version 2.0 |EPDB

Data Transfers

Recommendations 02/2020 on the European Essential Guarantees for surveillance measures |EPDB

Specific processing situations, Surveillance

Recommendations 01/2021 on the adequacy referential under the Law Enforcement Directive |EPDB

Adequacy Decisions, Data Transfers

Recommendations 02/2021 on the legal basis for the storage of credit card data for the sole purpose of facilitating further online transactions |EPDB

Consent, Lawfulness of Processing

2023 Coordinated Enforcement Action Designation and Position of Data Protection Officers by EDPB

Controllers and Processors, Data Protection Officer (DPO)

Global Approaches to Auditing Artificial Intelligence by IPIE

AI, Specific processing situations

Recommendation 5: Promote parental controls that respect the child’s privacy and best interests by CNIL

Children as data subjects, Data Subjects Rights

Recommendation 4: Seek parental consent for children under 15 by CNIL

Children as data subjects, Consent, Data Subjects Rights, Lawfulness of Processing

Recommendation 3: Support parents with digital education by CNIL

Children as data subjects, Data Subjects Rights

Recommendation 2: Encourage children to exercise their rights by CNIL

Children as data subjects, Data Subjects Rights

Recommendation 1: Regulate the capacity of children to act online by CNIL

Children as data subjects, Data Subjects Rights

NSW report: Artificial intelligence in New South Wales

AI, Specific processing situations

Recommendation 7: Check the age of the child and parental consent while respecting the child’s privacy by CNIL

Children as data subjects, Data Subjects Rights

Recommendation 6: Strengthen the information and rights of children by design by CNIL

Children as data subjects, Data Subjects Rights

Emerging digital technologies in the public sector report by EU Commission

New technology

Securing Artificial Intelligence: Mitigation Strategy Report by ETSI

AI, Specific processing situations

Responsible AI Governance in Africa: Prospects for Outcomes Based Regulation by African Observatory on Responsible AI

AI, Specific processing situations

Office of the Privacy Commissioner of Canada Sweep Report 2024

Consent, Cookies, Lawfulness of Processing

Relying on the legal basis of legitimate interest to develop an AI system by CNIL

AI, Specific processing situations

Patent Landscape Report on Generative AI by WIPO

AI, Specific processing situations

Consent Banner Report Overview of EU and national guidelines on dark patterns by NOYB

Consent, Lawfulness of Processing

Mobilizing the legal basis of legitimateinterest to develop an AI system by CNIL

AI, Specific processing situations

Report from Multistakeholder Expert group on GDPR application

Data Subjects Rights

Risk and control for artificial intelligence and machine learning systems by Cybernetica

AI, Specific processing situations

Governance of artificial intelligence (AI) by House of Commons UK

AI, Specific processing situations

Neurodata risks report by EDPS and Spanish DPA

AI, Specific processing situations

Report of the work undertaken by the ChatGPT Taskforce bg EDPB

AI

Report and Recommendations of the New York State Bar Association Task Force on Artificial Intelligence

AI, Specific processing situations

COMMISSION IMPLEMENTING DECISION of 10.7.2023 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate level of protection of personal data under the EU-US Data Privacy Framework

Adequacy Decisions, Data Transfers

Recommendations for companies planning to use Cloud computing services by CNIL

Cloud Services

Report of the work undertaken by the Cookie Banner Taskforce [Official EDPB Guidelines] [pdf]

Consent, Cookies

Annual Report 2023 NOYB

Data Subjects Rights

Second Report on the application of the General Data Protection Regulation by EU Commission

Data Subjects Rights, Data Transfers

Annual Report 2023 by Irish DPA

Data Subjects Rights

AI system development: CNIL’srecommendations to comply with the GDPR

AI, Specific processing situations

Addictive patterns in the processing of personal data Implications for data protection by AEPD

Definitions, Processing of personal data

AI Auditing Checklist for AI Auditing by EDPB

AI, Specific processing situations

AI, DATA GOVERNANCE AND PRIVACY SYNERGIES AND AREAS OF INTERNATIONAL CO-OPERATION BY OECD

AI, Specific processing situations

AI Development Recommendations to Ensure GDPR Compliance by CNIL

AI, Specific processing situations