The European Commission hosted a high-level meeting to lay the groundwork for the upcoming AI Board, a key body in implementing the EU's landmark AI Act. The gathering aimed to "set the groundwork for the forthcoming implementation of the AI Act," which is expected to come into force in early August.

The Austrian DPA stresses that GDPR remains crucial when processing personal data, even with the new AI regulation. Any AI system processing personal data must comply with the data protection principles and have a legal basis for processing. Automated individual decisions must adhere to Article 22 of GDPR, with the data controller bearing the burden of proof for lawful processing. If an AI system is non-compliant with the GDPR, the data protection authority must take corrective measures, including fines.

Marking a final step in the legislative process, the Council of the European Union today approved the EU AI Act. In March, the European Parliament overwhelmingly endorsed the AI Act. The Act will next be published in the Official Journal. The law begins to go into force across the EU 20 days afterward.

Germany's privacy regulators are positioning themselves to play a central role in governing AI systems as new rules loom. The Data Protection Conference issued extensive guidance on lawfully deploying AI applications involving personal data. The recommendations cover legal bases, transparency, anti-discrimination checks and other requirements.