Yazılar

French Privacy Watchdog to Investigate DeepSeek Over AI and Data Protection

/in /tarafından

France’s data privacy authority, the CNIL, announced on Thursday that it will question DeepSeek to assess the workings of its AI system and potential privacy risks for users. The Chinese AI startup gained international attention after revealing that training its DeepSeek-V3 model required less than $6 million in Nvidia H800 computing power.

A CNIL spokesperson confirmed that its AI department is currently analyzing DeepSeek’s tool and will engage with the company to understand its system and data protection measures. The French regulator is among the most active in Europe, having previously fined tech giants like Google and Meta for privacy violations.

DeepSeek is also under scrutiny in other parts of Europe. Italy’s data protection authority recently requested details on its handling of personal data, while Ireland’s Data Protection Commission has inquired about data processing practices related to Irish users.

The European Union maintains strict privacy protections under its General Data Protection Regulation (GDPR), widely regarded as one of the world’s most comprehensive data privacy laws. GDPR violations can result in fines of up to 4% of a company’s global revenue. Additionally, new EU AI regulations impose transparency obligations on high-risk AI models, with penalties ranging from 7.5 million euros (or 1.5% of turnover) to 35 million euros (or 7% of global turnover), depending on the severity of violations.

As regulatory scrutiny intensifies, DeepSeek faces mounting pressure to demonstrate compliance with European data protection standards.

 

Irish Data Regulator Seeks Information from DeepSeek on Data Processing

/in /tarafından

Key Points:

  • Ireland’s Data Protection Commission (DPC) has requested information from DeepSeek, the Chinese artificial intelligence company, regarding its data processing practices involving Irish users.
  • The request pertains to how DeepSeek handles data subjects within Ireland, despite not having designated Ireland as its EU headquarters.
  • The DPC typically oversees data protection for major U.S. tech companies with European operations in Ireland, but its reach now extends to DeepSeek due to the company’s potential processing activities in the EU.

Response and Implications:

  • The DPC’s inquiry suggests heightened scrutiny of global AI companies, particularly as they expand into regions with stringent data protection laws, such as the General Data Protection Regulation (GDPR) in the EU.
  • DeepSeek’s response to the DPC’s request could set a precedent for future regulatory oversight of AI firms operating in Europe.

EU Court Imposes Fine on EU for Breaching Own Data Protection Law

/in /tarafından

In a landmark decision, the EU General Court ruled on Wednesday that the European Commission must pay compensation to a German citizen for breaching its own data protection laws. The court found that the Commission transferred the citizen’s personal data to the United States without adequate safeguards, in violation of the EU’s General Data Protection Regulation (GDPR).

The case stemmed from the individual using the “Sign in with Facebook” option to register for a conference via the EU login page. The court concluded that the Commission’s transfer of the user’s IP address to Meta Platforms in the U.S. was unlawful, as it did not meet the required data protection standards set out by the GDPR. As a result, the Commission was ordered to pay the citizen 400 euros ($412) in damages.

A spokesperson for the European Commission acknowledged the ruling and stated that it would carefully assess the judgment and its implications. This decision marks a significant development in the enforcement of GDPR, a regulation widely considered to be among the most robust data privacy laws globally. Many major companies, including Meta, LinkedIn, and Klarna, have faced heavy fines from the EU for failing to comply with these regulations.