I recently had the chance to go through the recent European Data Protection Board's (EDPB) opinion 4/2020 on the European Commission's white paper on AI.

A few interesting points arising from the EDPB's opinion:

1. Facial recognition: EDPB supports a moratorium on the use of remote biometric identification in public spaces until the EU and Member States have all implemented a coordinated set of safeguards;

2. Data protection impact assessment (DPIA): EDPB reminds that DPIA is mandatory before processing data using innovative technologies if the processing is likely to result in a high risk to the rights and freedoms of the individuals (art. 35 GDPR). The deployment of AI most likely triggers the DPIA requirement. Plus, AI should not be used when processing can be pursued with a less intrusive means; and

3. Access to data: The EDPB suggests the Commission should foster the development of standardised "Application Program Interfaces" (aka API) in order to (i) ease the access to data for the authorised users independently of the location of that data and (ii) facilitate data portability.


Please note this blog post was written by a Clifford Chance LLP employee. Clifford Chance LLP is the parent company of Clifford Chance Applied Solutions (CCAS). The content within this post does not constitute legal advice.