• About Us
  • Contact Us
  • Terms & Conditions
  • Privacy Policy
Technology Hive
  • Home
  • Technology
  • Artificial Intelligence (AI)
  • Cyber Security
  • Machine Learning
  • More
    • Deep Learning
    • AI in Healthcare
    • AI Regulations & Policies
    • Business
    • Cloud Computing
    • Ethics & Society
No Result
View All Result
  • Home
  • Technology
  • Artificial Intelligence (AI)
  • Cyber Security
  • Machine Learning
  • More
    • Deep Learning
    • AI in Healthcare
    • AI Regulations & Policies
    • Business
    • Cloud Computing
    • Ethics & Society
No Result
View All Result
Technology Hive
No Result
View All Result
Home AI Regulations & Policies

CNIL’s Recommendations on AI and the GDPR

Sam Marten – Tech & AI Writer by Sam Marten – Tech & AI Writer
February 25, 2025
in AI Regulations & Policies
0
CNIL’s Recommendations on AI and the GDPR
0
SHARES
1
VIEWS
Share on FacebookShare on Twitter

Commission Nationale de l’Informatique et des Libertés (CNIL) Publishes New Recommendations for Responsible Innovation in Artificial Intelligence (AI)

Recommendation 1: Informing Individuals

The obligation to inform data subjects stems from the principle of transparent processing (Article 12 of the GDPR) and applies to data collected both directly and indirectly. The data controller may be exempt from this obligation if providing information is not possible in practice or would require a disproportionate effort, or may only be required to provide general information.

The French data protection authority states that it is good practice to allow a reasonable period between collecting the information and training the model when the data collected is of a sensitive nature. This period would make it possible to guarantee the exercise of rights; failing to allocate time for this risks infringing users’ rights.

Regarding the provision of information, it must be concise, transparent, comprehensible, and accessible. The CNIL recommends that information be provided at multiple levels, with priority given to essential information at the first level. Such information may take the form of information provided to the data subject concerned or, by way of derogation from article 14.5 GDPR, general information. General information is permitted when the data subject has already been informed about the processing, or when providing information to the data subject would require disproportionate effort.

Examples of Good Practice and Recommendations on How to Inform Individuals about the Processing of Their Data

  • When reusing a dataset or AI model subject to the GDPR, communicating the contact details of the initial data controller.
  • When scraping data from websites or reusing scraped data, providing information about the sources or categories of sources used.
  • When developing general-purpose AI models within the meaning of the AI Act, providing a summary of the content used for training.

Recommendation 2: Exercise of Rights

Two key facets of AI are highlighted in relation to the exercise of rights: training datasets and AI models that are subject to the GDPR.

Exercising Rights over Training Datasets

  • Exercising rights over training datasets: The GDPR allows individuals to request any available information on the recipient of the data and its source. Even if the data controller is not required to store users’ data because it does not need, or no longer needs, to identify individuals, it must compile sufficient documentation on the sources of the training data to enable individuals to exercise their rights and demonstrate compliance with the GDPR.

Exercising Rights over Models Whose Processing is Subject to the GDPR

  • The debate surrounding their anonymity is also addressed. It draws a distinction between cases where personal data is obviously present and those where the presence of personal data is yet to be determined.

Conclusion

The CNIL’s recommendations provide guidance on how to ensure that the development and use of AI models are consistent with the principles of the General Data Protection Regulation (GDPR). By following these recommendations, organizations can ensure that they are meeting their obligations under the GDPR and respecting the rights of individuals.

Frequently Asked Questions

  • What are the key takeaways from the CNIL’s recommendations?
    • The need to inform individuals about the processing of their data
    • The need to respect the rights of individuals in relation to training datasets and AI models
  • What are some examples of good practice and recommendations on how to inform individuals about the processing of their data?
    • Providing information about the sources or categories of sources used when scraping data from websites or reusing scraped data
    • Communicating the contact details of the initial data controller when reusing a dataset or AI model subject to the GDPR
  • What are some examples of good practice and recommendations on how to exercise rights over training datasets and AI models?
    • Providing information about the sources of the training data to enable individuals to exercise their rights and demonstrate compliance with the GDPR
    • Compiling sufficient documentation on the sources of the training data to enable individuals to exercise their rights and demonstrate compliance with the GDPR
Previous Post

The Power of AI for Medical Imaging

 Next Post

The Intelligence Age
Sam Marten – Tech & AI Writer

Sam Marten – Tech & AI Writer

Sam Marten is a skilled technology writer with a strong focus on artificial intelligence, emerging tech trends, and digital innovation. With years of experience in tech journalism, he has written in-depth articles for leading tech blogs and publications, breaking down complex AI concepts into engaging and accessible content. His expertise includes machine learning, automation, cybersecurity, and the impact of AI on various industries. Passionate about exploring the future of technology, Sam stays up to date with the latest advancements, providing insightful analysis and practical insights for tech enthusiasts and professionals alike. Beyond writing, he enjoys testing AI-powered tools, reviewing new software, and discussing the ethical implications of artificial intelligence in modern society.

Related Posts

A New York Legislator Wants to Revive Dead California AI Bill
AI Regulations & Policies

A New York Legislator Wants to Revive Dead California AI Bill

by Linda Torries – Tech Writer & Digital Trends Analyst
March 6, 2025
Regulating Generative AI
AI Regulations & Policies

Regulating Generative AI

by Linda Torries – Tech Writer & Digital Trends Analyst
March 6, 2025
We Need to Protect the Protocol That Runs BlueSky
AI Regulations & Policies

We Need to Protect the Protocol That Runs BlueSky

by Linda Torries – Tech Writer & Digital Trends Analyst
March 5, 2025
AI Act Prohibitions and Definitions
AI Regulations & Policies

AI Act Prohibitions and Definitions

by Linda Torries – Tech Writer & Digital Trends Analyst
March 5, 2025
At RightsCon in Taipei, activists reckon with a US retreat from promoting digital rights
AI Regulations & Policies

At RightsCon in Taipei, activists reckon with a US retreat from promoting digital rights

by Linda Torries – Tech Writer & Digital Trends Analyst
March 4, 2025
Next Post
The Intelligence Age

The Intelligence Age

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Articles

Mistral OCR API

Mistral OCR API

March 9, 2025
Can Deep Learning Transform Heart Failure Prevention?

Can Deep Learning Transform Heart Failure Prevention?

February 27, 2025
The impact on the UK workforce

The impact on the UK workforce

February 25, 2025

Browse by Category

  • AI in Healthcare
  • AI Regulations & Policies
  • Artificial Intelligence (AI)
  • Business
  • Cloud Computing
  • Cyber Security
  • Deep Learning
  • Ethics & Society
  • Machine Learning
  • Technology
Technology Hive

Welcome to Technology Hive, your go-to source for the latest insights, trends, and innovations in technology and artificial intelligence. We are a dynamic digital magazine dedicated to exploring the ever-evolving landscape of AI, emerging technologies, and their impact on industries and everyday life.

Categories

  • AI in Healthcare
  • AI Regulations & Policies
  • Artificial Intelligence (AI)
  • Business
  • Cloud Computing
  • Cyber Security
  • Deep Learning
  • Ethics & Society
  • Machine Learning
  • Technology

Recent Posts

  • CoreWeave Secures $11.9 Billion OpenAI Contract
  • Decoding LLM Pipeline: Input Processing & Tokenization
  • FactoryBERT: AI for Manufacturing Understanding
  • Google’s Gemma 3: Open Source Single-GPU AI Model
  • RPA Enhances Clinical Care Efficiency

Our Newsletter

Subscribe Us To Receive Our Latest News Directly In Your Inbox!

We don’t spam! Read our privacy policy for more info.

Check your inbox or spam folder to confirm your subscription.

© Copyright 2025. All Right Reserved By Technology Hive.

No Result
View All Result
  • Home
  • Technology
  • Artificial Intelligence (AI)
  • Cyber Security
  • Machine Learning
  • AI in Healthcare
  • AI Regulations & Policies
  • Business
  • Cloud Computing
  • Ethics & Society
  • Deep Learning

© Copyright 2025. All Right Reserved By Technology Hive.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?