European Regulators Tighten Control Over Artificial Intelligence Use

The use of personal data in artificial intelligence (AI) operations has once again become the focal point for European regulators. As these digital technologies advance rapidly, the demand for new regulatory standards concerning privacy and data protection becomes increasingly imperative. The recent blocking of the DeepSeek chatbot in Italy served as a significant signal for the rest of Europe.

Strengthening Regulatory Approaches

The monthly meeting of the European Data Protection Board (EDPB) on Tuesday highlighted that AI regulation is advancing to a new level. The primary discussion revolved around DeepSeek's use of personal user data. Following Italy's decision to block the chatbot, regulators in France, the Netherlands, Belgium, Luxembourg, and other countries called for a re-evaluation of data analysis and processing methods employed by the platform.

An EDPB spokesperson reported that several national data protection authorities (DPAs) are already taking measures regarding DeepSeek. In the future, such initiatives could form the foundation for the development of pan-European standards in this area.

Expanding the Working Group’s Mandate

In April 2023, a working group within the EDPB was established to study and coordinate AI regulatory issues, particularly focusing on ChatGPT by OpenAI, supported by Microsoft $MSFT. However, in light of new incidents, European regulators decided to broaden the group's mandate to include new areas—from analyzing data processing methods to sharing best enforcement practices. This will lay the groundwork for universal safety and privacy standards.

Privacy Concerns

A major point of contention is the lack of transparency in data processing. Global platforms like DeepSeek frequently collect and analyze large volumes of personal information. However, their approaches do not always align with the stringent European standards established by the General Data Protection Regulation (GDPR).

Key concerns include:

- A lack of clarity regarding data processing mechanisms

- Potential risks of data leaks

- Possibility of data usage without user consent

These issues necessitate a swift adaptation of legal regulations to meet the new challenges posed by AI development.

EDPB Actions Taken

The working group within EDPB has undertaken several core tasks:

1. Investigate data processing practices by chatbots such as DeepSeek and ChatGPT.

2. Develop standardized requirements for AI platforms.

3. Facilitate information exchange among national regulators.

4. Formulate recommendations on personal data protection for AI services.

These initiatives aim to create a safe environment for the deployment and use of AI in Europe.

Implications for Companies

For tech companies, increased regulator oversight presents certain challenges:

- Meeting additional requirements can lead to elevated costs.

- Risk of sanctions for failing to comply with GDPR norms.

- Inability to operate in specific markets if legislation is not adhered to.

However, these actions also open up new opportunities: companies that adapt their services to privacy requirements can earn greater trust among European users.

The efforts to establish transparent AI regulation standards are just beginning. The main goal remains balancing the effective development of technologies with the protection of personal data. Constructive collaboration between regulators and businesses will be a crucial success factor in this field.