We use cookies to collect and analyse information on site performance and usage to improve and customise your experience, where applicable. View our Cookies Policy. Click Accept and continue to use our website or Manage to review and update your preferences.


Give data watchdogs key AI role – EDPB
Pic: Shutterstock

23 Jul 2024 data law Print

Give data watchdogs key AI role – EDPB

The European Data Protection Board (EDPB) has called on EU member states to put existing national data-protection authorities (DPAs) in charge of supervising high-risk AI systems.

The Brussels-based EDPB ensures that data-protection law across the EU is applied consistently, and steps in to settle disputes among national data-protection regulators.

Its statement (16 July) followed the publication of the EU’s AI Act in the Official Journal of the European Union earlier this month – the final step in putting the landmark legislation into effect.

The act requires member states to designate at least one authority to supervise and enforce its provisions before 2 August 2025.

‘Experience and expertise’

“A prominent role of the DPAs at national level should be recognised, in particular due to the experience and expertise gathered by them in working out guidelines and best practices and carrying out enforcement actions on AI-related issues with respect to the processing of personal data at both national and international level,” the EDPB stated.

It added that additional staff and financial resources should be allocated to national DPAs to enable them to take on the additional AI-related tasks.

Lawyers at Matheson say that it remains to be seen which national body or bodies will be appointed by the Irish Government to supervise and enforce the AI Act.

In May, the Department of Enterprise, Trade and Employment launched a public consultation on the implementation of the act, which closed last week.

The Matheson lawyers note that Ireland’s Data Protection Commission (DPC) last week published its first guidance on the interplay of data-protection laws and AI.

‘Significant challenges’ for DPC

The guidance emphasises the importance of understanding how personal data is used in AI systems, ensuring transparency, and complying with the GDPR and data-protection legislation.

“Given the DPC’s role as lead supervisory authority for so many multi-national technology companies whose EU headquarters are located in Ireland, the DPC's role in regulating AI product providers and deployers’ compliance with data-protection laws will be crucial,” Matheson says.

Its lawyers warn, however, that “significant challenges” would inevitably accompany any expanded role for the DPC, due to the “considerable resources” that would be needed.

Gazette Desk
Gazette.ie is the daily legal news site of the Law Society of Ireland

Copyright © 2024 Law Society Gazette. The Law Society is not responsible for the content of external sites – see our Privacy Policy.