Tag
#compliance
10 posts tagged compliance.
- policy
US State AI Laws in 2026: Colorado, Texas, California, Illinois
A roundup of the US state AI laws shaping 2026 — Colorado's stalled SB 24-205, Texas TRAIGA, California's AB 2013, and Illinois HB 3773 — with verified statuses and dates.
- policy
CCPA, CPRA, and the New ADMT Rules: What They Mean for LLM Products
California's finalized ADMT regulations bring pre-use notice, opt-out, appeal, and risk-assessment duties to automated decisionmaking — including many LLM workflows. The timeline and the test.
- policy
Training-Data Privacy and Data-Subject Rights Against AI Models
EDPB Opinion 28/2024 and CNIL's 2025 guidance reshaped how GDPR applies to AI training data — when a model is 'anonymous,' the legitimate-interest basis, and the limits of the right to erasure.
- policy
The Privacy Risks of AI Chat Assistants: Retention, Review, Training
Consumer AI assistants increasingly default to using your conversations for training, human review, and multi-year retention. The privacy and legal analysis behind the 2025 policy shifts.
- policy
Cross-Border LLM Data Transfers: SCC Compliance After Schrems II
Most LLM deployments cross borders. The Standard Contractual Clauses framework, post-Schrems II case law, and the supplementary measures requirement apply directly. Here's the working compliance pattern.
- policy
DPIA Template for LLM Deployment: A Working Structure
A practical Data Protection Impact Assessment structure for LLM-integrated workflows. Includes the risk factors GDPR Article 35 requires, the AI Act overlay, and the sections most often skipped.
- policy
EU AI Office Enforcement Priorities for 2026: What Signals Say
The AI Office hasn't published a formal enforcement plan, but its working papers, staffing decisions, and member-state coordination show where the early actions will land.
- policy
EU AI Act Article 50: Transparency Obligations Explained
Article 50 imposes disclosure obligations on anyone deploying chatbots, generating synthetic content, or running emotion-recognition systems. Here's what counts and what doesn't.
- policy
GDPR Article 22 and LLM Automated Decision-Making
Article 22's prohibition on solely automated decision-making with legal effects applies to many LLM workflows people don't realize. Here's the working test.
- policy
EU AI Act Article 52: A Provider's Disclosure Checklist
What Article 52 actually requires of foundation model providers, what the EDPB's draft guidance clarifies, and how to operationalize disclosure without exposing trade secrets.