The German Commissioner for Data Protection, Louisa Specht-Riemenschneider, has warned about the significant challenges posed by the use of Artificial Intelligence (AI) in the context of data privacy. According to her remarks to the dts news agency in Berlin on Wednesday, she emphasized that a major problem stems from the fact that many AI models are trained using data sourced from third parties.
Specht-Riemenschneider reminded the public that the General Data Protection Regulation (GDPR) mandates a legal basis for every instance of data processing. She stated that securing such a basis is often difficult when utilizing AI technologies. Specifically, the commissioner addressed the issue of third-party data, pointing out that obtaining explicit consent for processing this type of data is frequently impossible, which could lead to legal complications. Furthermore, she cautioned that while the “balancing of legitimate interests” can be cited as a legal basis, it does not guarantee a positive outcome every time.
In response to these vulnerabilities, Specht-Riemenschneider underscored the critical need for deliberation at the European level concerning the specific conditions under which data is allowed to be processed. She advocated for a deep, purpose-driven debate to clarify exactly what kinds of data usage via AI should be permitted or prohibited. She differentiated significantly between various applications, noting that AI used to improve therapies or extend human life must be evaluated differently than its use for employee monitoring. Ultimately, the commissioner stressed the importance of data protection authorities playing a key role in public education on these complex issues.
