Any privacy development in Europe this week would be overshadowed by the news of the death of Queen Elizabeth II. History has taken over. This modest privacy column would not be wide enough to do justice to a sovereign who has marked almost a century of British, European and international history with unmatched dedication.
Of course, this week, the U.K. was the scene of a major political development as Liz Truss succeeded Boris Johnson as the U.K.'s next prime minister. Truss previously served as Trade and as Foreign Affairs Minister in Johnson's government. Within recent months and notwithstanding detours she made on the political chessboard during her career, she recently emerged as a fierce Brexiteer. In the EU-U.K. context, observers are not betting on her being particularly constructive with European partners, as tension remains on the implementation of the Brexit deal reached two years ago.
Time will tell whether that was staunch campaign rhetoric or whether she will hold that strong a line, at the risk of EU-U.K. relations turning sour, potentially jeopardizing the EU-U.K. divorce and trade deals. Truss has appointed Michelle Donelan as Secretary of State for Digital, Culture, Media and Sport. In this role, Donelan and her ministerial team will oversee U.K. data protection reform initiated by DCMS a year ago. However, its fate is uncertain at the moment as further discussions were postponed.
Elsewhere, an interesting report emerged from the Conseil d'Etat — France's highest administrative court — recommending that France's data protection authority, the Commission nationale de l'informatique et des libertés, be the supervisory authority for regulating artificial intelligence systems, in particular public ones, once the AI Act enters into force. The 360-page report commissioned by the French prime minister reflects on the concepts, uses, legal and ethical issues and the conditions for a relevant and successful deployment of AI systems within the public sphere.
In a move that might irritate some in the EU leadership, the Conseil d'Etat recommends France not wait for the EU-level AI Act but rather implement "pragmatic guidelines" to support the deployment of AI in public services. It goes on to say that public sector AI should be based on seven high-level principles; some are no-brainers in Brussels, e.g., transparency and nondiscrimination; others, such as "strategic autonomy," are a lot more disputed among stakeholders.
Finally, the study recommends a "profound transformation of the CNIL into a national supervisory authority responsible." The rationale is multifold: to avoid adding administrative complexity and creating divergence in supervisory directions; but most importantly for the report's authors, there is a real synergy between regulating personal data and regulating AI. So what would that "profound transformation" entail? It involves giving the CNIL more resources and making it a "facilitator of innovation" by bringing AI specialists' profiles to all levels of the organization.
If you want to comment on this post, you need to login.