Investigation Launched by Irish Data Protection Authority Against Google
The Irish Data Protection Authority (DPC) has initiated a transnational investigation into Google’s handling of data from European Union (EU) citizens for the training of its AI model, PaLM2, raising concerns about the digital giant’s compliance with European privacy laws, the organization announced in a press release on Thursday, September 12th.
The investigation by the DPC aims to determine whether Google should have conducted a prior impact assessment on the processing of personal data. This scrutiny of how major tech companies use user data to train AI models is increasingly under the spotlight of the EU.
Previous Actions by Irish Data Protection Authority
This is not the first time the DPC has taken on a tech giant. In June, Meta, the parent company of Facebook and Instagram, halted its AI deployment in Europe following a request from the national authority. The DPC has also targeted X for exploiting user data without consent.
Under the General Data Protection Regulation (GDPR), a Data Protection Impact Assessment (DPIA) is required for any new project that may pose a high risk to users’ personal information. The DPC emphasized the crucial importance of DPIAs in ensuring the protection of individuals’ rights and freedoms.
Collaborative Efforts for Data Protection
The new transnational investigation is part of broader efforts by the DPC, working with its EU/EEA counterparts, to regulate the processing of personal data of EU/EEA individuals in the development of AI models. Google has expressed its commitment to cooperating with the DPC to address any inquiries.
Last week, the DPC concluded its legal action against social networking platform X after the company agreed to permanently cease processing certain personal data collected within the EU for AI training. However, several unresolved questions regarding data protection remain.
Apple has announced that it will not market its Apple Intelligence AI within the Union, citing regulatory concerns.
Overall, the DPC’s investigation into Google’s data processing practices reflects a growing emphasis on protecting user privacy and ensuring compliance with stringent data protection regulations within the EU. As technology continues to advance, the need for transparent and accountable data practices becomes increasingly paramount.