Time to regenerate

The Information Commissioner’s fourth call for evidence in its Generative AI consultation series on ‘engineering individual rights into generative AI models’ suggests that generative AI model developers should regenerate their privacy policies to ensure that they provide individuals with sufficient information to ascertain whether they have been affected by the web scraping of their personal data.

Scraping together a lawful basis

As the Information Commissioner’s Office consults on the lawful basis for web scraping by AI developers to train generative AI models under the UK GDPR, Handley Gill’s specialist data protection and artificial intelligence (AI) consultants comment on the issues arising and share their consultation response.

Nicola Cain1 March 2024Data Protection, Personal Data, Data Privacy, UK GDPR, GDPR, UK GENERAL DATA PROTECTION REGULATION, General Data Protection Regulation, ARTICLE 6 UK GDPR, Article 6(1)(f) UK GDPR, Legitimate Interests, Legitimate Interests Assessment, Information Commissioner, Information Commissioner's Office, Consultation, Consultation Response, Artificial Intelligence, AI, Generative AI, Generative Artificial Intelligence, Intellectual Property, Intellectual Property Rights, Copyright, Copyright Infringement, Web Scraping, AI Training, AI Training Data, Intellectual Property Office, IPO, A pro-innovation approach to AI regulation, Voluntary code of practice on copyright and AI, Sir Patrick Vallance, Pro-Innovation Regulation for Digital Technologies Review, House of Lords Communications & Digital Committee, Report on Large Language Models (LLMs) and Generative AI, Data Mining, Copyright Designs and Patents Act 1988, AI Regulation, Joint statement on data scraping and data protection, Data scrapingComment

AI regulation in the UK: in out in out shake it all about

Handley Gill’s consultants analyse the Government’s response to its consultation on the White Paper ‘A pro-innovation approach to AI regulation’, published on 06 February 2024, and its implications for AI developers and UK creators, business and the public, identifying the steps the Government has committed to take.

Nicola Cain6 February 2024AI, Artificial Intelligence, Artificial Intelligence (Regulation) Bill, A pro-innovation approach to AI regulation, Department for Science Innovation & Technology, AI Governance, AI Regulation, AI Risk, AI Risk Assessment, AI Safety, EU AI Act, AI Act, AI Regulation White Paper, House of Lords Communications & Digital Committee, Large Language Models & Generative AI, Large Language Models, LLMs, Generative AI, Ofcom, Information Commissioner's Office, Information Commissioner, ICO, EHRC, Equality and Human Rights Commission, CMA, Competition & Markets Authority, Digital Markets Competition & Consumers Bill, Data Protection & Digital Information Bill, DPDI Bill, Data Protection, Discrimination, Bias, Cyber Security, Ofsted, Office for Product Safety & Standards, AI Regulatory Principles, 5 AI Regulatory Principles, Centre for Data Ethics and Innovation, CDEI, Responsible Technology Adoption Unit, Employment Law, HR, Human Resources, Recruitment, Automated Processing, Automated Decision Making, Safety Security & Robustness, Appropriate transparency and explainability, Fairness, Accountability & Governance, Contestability and redress, Copyright, Copyright Infringement, Intellectual Property, Intellectual Property Rights, IPR, Misinformation, Disinformation, Online Safety Act 2023, AI Management Essentials Scheme, AI Security, AI Safety Institute, Human Rights, Human Rights Act 1998Comment

AI acceleration

Handley Gill’s specialist AI and data protection consultants summarise the House of Lords’ Communications and Digital Committee’s report on Large Language Models (LLMs) and Generative AI, which calls on the government to act at pace to address the real and immediate risks posed by artificial intelligence.

AI Bootcamp Part II

In Part 2 of our 5 part Artificial Intelligence (AI) Bootcamp, we consider the risks associated with developing artificial intelligence (AI) tools, including to intellectual property rights (IPR), data protection and privacy, cyber security, human rights and the existential risk to humanity. In Part 1 of our AI Bootcamp we considered the terms and concepts needed to understand what AI is and how it works. In Parts 3-4 we will consider the risks of using and even not using AI, while in Part 5 of our AI Bootcamp, we will focus on AI regulation.

Licence to hack?

Home Office Minister Lord Sharpe has confirmed that, following intensive lobbying by pockets of the cyber security industry, the government intends to pursue the introduction of a statutory public interest defence to the offences under the Computer Misuse Act 1990 (‘CMA’). Handley Gill Limited’s consultants consider the implications for cyber resilience, the protection of personal data and IP, and the ability of law enforcement to prosecute offences.

Nicola Cain4 July 2023Cyber Security, Cyber Resilience, Hack, Hacking, Computer Misuse Act 1990, CMA, CMA 1990, CMA offence, Home Office, Lord Sharpe, Lord Clement-Jones, Sir Patrick Vallance, Pro-Innovation Regulation for Digital Technologies Review, Data extraction, Public Interest, Public Interest Defence, Computer Misuse Act 1990 Call for Information, Computer Misuse Act 1990 Consultation, CMA working group, Computer Fraud and Abuse Act, CFAA, Department of Justice, US DoJ, Good-faith security activity, Legitimate cyber security activity, Section 170 Data Protection Act 2018, s.170 Data Protection Act 2018, S.170(2)(c) Data Protection Act 2018, S.170 DPA 2018, Unlawful obtaining of personal data, Copyright Designs and Patents Act 1988, Section 107 Copyright Designs and Patents Act 1988, S.107 Copyright Designs & Patents Act 1988, S.107 CDPA 1988, Copyright, Consultation Response, Statutory defence, Hansard Volume 831 Column 993 03 July 2023, Computer Misuse Act 1990 defence, CMA defenceComment

What's missing from the Computer Misuse Act 1990?

Handley Gill Limited’s consultants respond to the Home Office consultation on proposals to revise the Computer Misuse Act 1990 to introduce additional powers for law enforcement bodies to takedown and seize domains and IP addresses and, require the preservation of data, as well as to introduce new offences and stronger sentencing for the copying of data. We also call for stronger cyber resilience legislation, through the introduction of minimum cyber security standards, while rejecting lobbying efforts for a blanket public interest defence to CMA offences. Finally, we advocate for stronger extra-territoriality of CMA offences and stronger sentencing powers and associated guidance.

Nicola Cain10 April 2023Cyber Security, Cyber Resilience, Computer Misuse Act 1990, CMA, CMA 1990, Law Enforcement, Domain name registrars, Domain name registries, Internet Service Providers, ISPs, Hosting providers, Web hosts, Consultation, Consultation Response, Public Interest, Public Interest Defence, CyberUp campaign, Sir Patrick Vallance, Chief Scientific Adviser, HM Treasury, Home Office, Pro-Innovation Regulation for Digital Technologies Review, Computer Misuse Act 1990 Call for Information, Computer Misuse Act 1990 Consultation, Domain name takedown and seizure, IP address take down and seizure, Online intermediaries, Domain name and IP address takedown and seizure, Data preservation, Data copying, Crown Prosecution Service, CPS, Product Security and Telecommunications Infrastructure Act 2002, Hacking, Proposal for legislation to improve the UK's cyber resilience, DSIT, Department for Science Technology & Innovation, Copyright, Copyright Designs and Patents Act 1988, CDPA 1988, s107 Copyright Designs and Patents Act 1988, Section 107 Copyright Designs and Patents Act 1988, Section 170(1)(a) Data Protection Act 2018, Personal Data, Commercial Data, s170(1)(a) Data Protection Act 2018, Information Commissioner, Information Commissioner's Office, ICO, Data Breach, Data Protection, Data Protection Offences, Intellectual Property, Intellectual Property OffencesComment