Q&As

Q&As

This subtopic is an archive of selected Q&As from Information Law.

Information Law Q&As

These Q&As seek to briefly address common questions faced when dealing with Information Law matters.

The Q&As supplement and link to other more detailed content within Lexis®+ UK, but are intentionally short. It is anticipated that a brief Q&A will be most helpful when you need a quick overview of an issue and its likely impact. This might arise, for example, where lawyers need to provide advice, business development or training at short notice. The Q&A content on Lexis®+ UK is date stamped. This date is the

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

TAKE A FREE TRIAL

Latest Information Law News

EDPS issues guidance to help EU bodies manage AI-related data protection risks

The European Data Protection Supervisor (EDPS) has published guidance to assist EU institutions, bodies, offices and agencies in identifying and mitigating data protection risks linked to artificial intelligence (AI) systems under Regulation (EU) 2018/1725. The Guidance for Risk Management of Artificial Intelligence systems outlines a framework aligned with ISO 31000:2018 for assessing and treating risks throughout the AI lifecycle. It emphasises technical mitigation of risks to fairness, accuracy, data minimisation, security and data subject rights, offering detailed measures to prevent bias, ensure interpretability and protect personal data. The document complements existing EDPS orientations on generative AI and data protection impact assessments, aiming to foster accountability and lawful AI deployment by EU controllers.

Commission publishes Data Union Strategy as part of Digital Package

The Data Union Strategy is a central component of the EU’s Digital Package, aimed at unlocking high-quality data for artificial intelligence and innovation across Europe. It focuses on three priority areas: scaling up access to data, streamlining data rules and strengthening the EU’s global position on international data flows. Key initiatives include the development of data labs, expansion of Common European Data Spaces and investment in synthetic data production to address data scarcity and support AI ecosystems.

Commission publishes Digital Omnibus as part of Digital Package

The European Commission has proposed a new Digital Package aimed at simplifying EU technology and data rules and boosting business efficiency across Member States. The Digital Package includes a Digital Omnibus to streamline legislation on artificial intelligence (AI), cybersecurity and data. The proposal for a Digital Omnibus includes:

Council adopts new EU regulation to speed-up cross-border GDPR complaints

The Council of the EU has adopted new legislation to enhance and expedite the handling of cross-border data protection complaints under the General Data Protection Regulation (EU) 2016/679 (EU GDPR). The regulation harmonises rules on the admissibility of complaints, strengthens the procedural rights of complainants and organisations under investigation, and introduces a simplified cooperation mechanism for straightforward cases to reduce administrative burden. It also sets binding time limits, requiring most investigations to conclude within 15 months, extendable by 12 months for complex cases, and within 12 months for simplified procedures. Following the Council’s adoption, the measure completes the legislative process, entering into force 20 days after publication in the Official Journal of the EU and applying 15 months thereafter, thereby reinforcing consistent and efficient enforcement of data protection rules across the EU.

View Information Law by content type :

News