U.S. company Clearview AI is "spitting in the face of EU authorities" by continuing to scrape people's online photos and selling its facial recognition database to law enforcement agencies and governments, Austrian privacy advocate Noyb said Tuesday as it filed a criminal complaint with Austrian public prosecutors. Clearview didn't immediately comment.
AI Privacy
AI privacy concerns are growing as copyrighted works and personal data are used to train, optimize and operate machine learning systems. From facial recognition to inference risks, AI applications often test the limits of existing privacy laws. Regulators worldwide are developing safeguards to govern data use, bias, transparency and consent in AI development. This page tracks legislation, regulatory frameworks and enforcement actions at the intersection of AI and data protection.
Sens. Josh Hawley, R-Mo., and Richard Blumenthal, D-Conn., on Tuesday led a bipartisan group in introducing legislation that would ban AI chatbots for minors and require age verification.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.
Although it's mainly a framework at present, Italy's AI Act (Law No. 132/2025) represents a "sophisticated regulatory approach" that could influence other EU countries and the U.K., lawyers said recently. The country was the first to adopt the EU AI Act into national law.
As the scope and usage of facial recognition technology increases, privacy advocates are increasingly concerned about a lack of regulation as well as carve-outs in instances where rules exist, they said in interviews with Privacy Daily. But there are existing laws that cover the technology, some contended.
The increasing use of AI requires a stronger commitment to AI literacy, the Dutch DPA said Thursday as it published a guide to building that literacy to help organizations understand their legal obligations under the EU AI Act.
Between 25% and 48% of French internet users would be willing to convert their free, ad-supported access to services into a paid subscription without targeted advertising, watchdog CNIL reported Thursday.
The European Commission is assessing whether ChatGPT qualifies as a Very Large Online Platform (VLOP) under the Digital Services Act (DSA), a spokesman said Wednesday during a briefing. That could have implications for the company's use of targeted advertising.
While there hasn't been a big headline for privacy in 2025, many important smaller developments occurred, George Washington University law professor Daniel Solove and Red Clover Advisors CEO Jodi Daniels said during a webinar Solove hosted Thursday.
The California Privacy Protection Agency's new rules on automated decision-making technology, risk assessments and cybersecurity audits “are some of [its] most significant yet,” the Future of Privacy Forum said in an issue brief published Wednesday. The rules received final approval Sept. 23 and start to apply Jan. 1 (see 2509230036).