Artificial Intelligence v. General Data Protection Regulation: Complex Risks in Changing Times JD Supra

Artificial Intelligence ("AI") swallows vast troves of data, so, as its definition suggests, it enables "the capability of a machine to imitate intelligent human behavior."1 Much like humans learn over time by exposure to different experiences and new information, AI systems can be fed enough data so that they can eventually draw conclusions and make inferences. Given AI's data diet, it is saddled with a host of privacy regulations, which vary depending on the nature of the data and its uses. This article highlights three compliance tensions between AI and the European privacy regime, the General Data Protection Regulation ("GDPR"), which contains various privacy-related principles for how personal data must be processed and provides certain data subject rights. With GDPR fines reaching as high as 4 percent of annual global turnover, or 20 million euros (whichever is higher), carriers insuring them should endeavor to understand these complex risks.