Welcome to Week 1 of May and 21 of Berry Picks. There is something so “the hills are alive with the sound of music” about the first week of May. And accordingly, I know I will hear what I’ve heard before, AI and data protection? There are less puns below, pink promise 🤞
🤖 Artificial Intelligence
UK’S Competition and Markets Authority (“CMA”) is opening an initial review of competition and consumer protection considerations in the development and use of AI foundation models. The UK is asking regulators to consider how the development and deployment of AI can be supported in a way that benefits consumers, businesses, and the UK economy. The CMA is conducting a review of foundation models, including large language models and generative AI, and will produce guiding principles to support competition and protect consumers as AI foundation models develop. The review will examine how competitive markets for foundation models could evolve and explore opportunities and risks for competition and consumer protection. The report will reach us in September 2023. Seems a little late for the speed with which AI is developing, now that it can read minds and all (sneaky peak of AI in the wild here). Let’s hope not.
Most of us probably heard of it, the White House held a meeting with top AI technology executives (Alphabet, Anthropic, Microsoft, and OpenAI) to discuss risks and opportunities related to AI. The Administration emphasized the importance of responsible behavior and safeguards to mitigate risks to individuals, society, and national security. The meeting reportedly discussed the need for transparency, evaluation, and security of AI systems. Administration officials and CEOs agreed to work together to develop appropriate safeguards and protections. All in all, it’s a lot of talk and not much action for now, but we’ll see.
🎩 Competition
France’s Autorité de la concurrence issued interim measures against Meta Platforms, formerly Facebook, pending a decision on the merits of a complaint by Adloox SAS. The regulator said the conditions for accessing Meta’s viewability and brand safety partnerships may constitute abuse of a dominant position, causing immediate harm to Adloox and the independent ad verification sector. The interim measures order Meta to define new criteria for access and make them public. The injunction allows Adloox rapid admission to these partnerships provided it meets the new access criteria.
🔏 Data Protection & Privacy
The CJEU ruled that mere infringement of the GDPR does not give rise to a right to compensation. However, the CJEU clarified that there is no requirement for non-material damage suffered to reach a certain threshold of seriousness before a right to compensation arises. The court also stated that the GDPR does not contain rules governing the assessment of damages. Thus it is up to the legal system of each member state to determine the criteria for determining the extent of compensation payable in that context, provided that the principles of equivalence and effectiveness are complied with.
The CJEU clarified that the right to obtain a copy of personal data means that the data subject must be given a faithful and intelligible reproduction of all the data. This includes the right to obtain copies of extracts from documents or entire documents or extracts from databases that contain the data, if necessary to enable the data subject to exercise their rights under the GDPR. The court also stated that the concept of ‘information’ in Article 15(3) of the GDPR refers only to personal data which must be provided as a copy, and that a balance must be struck between the data subject’s right to access and the rights and freedoms of others.
The US Federal Trade Commission (“FTC”) proposed changes to the 2020 privacy order with Meta (then Facebook). The proposal comes after allegations that the company violated the order, misled parents about their ability to control communication through its Messenger Kids app, and misrepresented the access it provided to private user data. The proposed changes would prohibit Meta from profiting from data it collects from users under 18 and expand limitations on its use of facial recognition technology. The changes would apply to all of Meta’s services, including Instagram, WhatsApp, and Oculus. This is the third time the FTC has taken action against Facebook for failing to protect users’ privacy. The FTC asked Meta to respond in 30 days to the proposed findings from the investigation. But let’s be real, we all know how this will end – with Meta paying a fine and promising to do better. Wash, rinse, repeat.
🐆 AI in the Wild
AI can now officially read minds. A paper published this week revealed researchers developed a new AI method called CEBRA that translates brain signals into video. The study was conducted on mice and showed over 95% accuracy in frame prediction. I had a few what is this sorcery moments reading about it. Head cameras out AI in, my innocent opinion of the week right there.
📄 Recommended Readings
Here’s a couple –in no particular order– of recent publications that piqued my interest this week. Remember to grab a cuppa and settle in for some riveting reading.
Misleading AI: Regulatory Strategies for Transparency in Information Intermediary Tools for Consumer Decision-Making by Jeannie Marie Paterson
The DMA and the GDPR: Making Sense of Data Accumulation, Cross-Use and Data Sharing Provisions by Muhammed Demircan
Disclaimer: I am in no way affiliated with the authors or publishers in sharing these, and do not necessarily agree with the views contained within. I try to include mostly open access publications due to, well you know, accessibility of knowledge and science.
That concludes this week’s IT Law roundup, folks. Don’t forget to pop back next week for more legal updates with a unique twist. Take care and goodbye!
I always appreciate your thoughts and ideas on how to enhance this digest. Feel free to reach out and provide feedback. You can find relevant contact details here.
Featured image generated using Midjourney.
