Original broadcast date: 2 Nov. 2023

The spectacular development of generative artificial intelligence has triggered a global thinking about how best to regulate the technology's risks. Several proposals for new rules have been advanced, including during the legislative process for an EU AI Act. When it comes to issues related to data protection, privacy and security, however, generative AI is already regulated by the EU General Data Protection Regulation. Italy's data protection authority, the Garante, only lifted a ban on ChatGPT after OpenAI committed to take a series of actions to address GDPR issues. Still, major questions remain open, and several other DPAs have launched investigations, while the European Data Protection Board created a task force on this. What could be the legal basis for training large-language models with personal data? How to address the other GDPR issues? Is it possible to reconcile the EU's data protection regulation with the need for innovation? And how is the potential governance of generative AI being shaped in the context of U.S. and global regulation?

Panel: Théodore Christakis, Isabel Hahn, William Malcolm, Félicien Vallet.