When the European Union’s General Data Protection Regulation (GDPR) took effect in May 2018, it signaled the start of more aggressive privacy oversight and enforcement in an era of rapidly advancing technology. The diversity and scope of enforcement actions, and the intersection of data privacy regulation with technology, are likely to pose increasing challenges for regulators and for businesses.
This briefing from Guy Carpenter affiliate Marsh describes where we are as the convergence of GDPR and other data privacy regulation with evolving technology – 5G networks, IoT, AI, the Cloud – will challenge businesses’ ability to foster technology innovation while also protecting privacy. Businesses should expect the EU to take an active approach to AI’s consumption and processing of personal data, especially when it distinguishes individuals based on race, gender, political beliefs or other sensitive categories, even where the consequences are unintentional.