Top
image credit: Adobe Stock

Under modern US privacy laws, is an organization required to distribute its privacy notice to every individual whose information is used to train an AI?

September 7, 2023

Via: National Law Review
Category:

Under the European GDPR, if the personal information that an organization is going to use as part of training an AI has been collected directly from individuals, then those individuals should be provided with a copy of the organization’s privacy notice “at the time when personal data are obtained.”[1] If the personal information that the organization is going to use as part of training an AI has been collected from a third-party source (e.g., scraped from the internet or received from another controller), then the GDPR generally permits the controller (with a few exceptions) to provide a copy of its privacy notice “within a reasonable period, but at latest within one month” after the data is collected.[2] The latter requirement is memorialized within GDPR Article 14.

Read More on National Law Review

RELATED PUBLICATIONS

How to Invest in Commercial Real Estate: A Beginner’s Guide
FTC Votes to Ban Noncompete Agreements
New Florida Law Blocks Certain Local Workplace Rules: Top 3 Things Employers Should Note

Latest Publications

How to Invest in Commercial Real Estate: A Beginner’s Guide
FTC Votes to Ban Noncompete Agreements
New Florida Law Blocks Certain Local Workplace Rules: Top 3 Things Employers Should Note
Legal Curated Copyright © 2024. All rights reserved
Go to ITCurated!