Topics
Browse posts by category and tag — every topic we cover, with the latest pieces under each.
Tags
- #compliance 6
- #eu-ai-act 3
- #gdpr 2
- #llm 2
- #ai-office 1
- #article-22 1
- #article-50 1
- #automated-decision-making 1
- #cross-border-transfers 1
- #disclosure 1
- #dpia 1
- #enforcement 1
- #foundation-models 1
- #gdpr-article-35 1
- #meta 1
- #policy 1
- #regulator 1
- #risk-assessment 1
- #scc 1
- #schrems-ii 1
- #synthetic-content 1
- #transparency 1
Categories
policy 6 posts
- Cross-Border LLM Data Transfers: SCC Compliance After Schrems IIMost LLM deployments cross borders. The Standard Contractual Clauses framework, post-Schrems II case law, and the supplementary measures requirement apply directly. Here's the working compliance pattern.
- DPIA Template for LLM Deployment: A Working StructureA practical Data Protection Impact Assessment structure for LLM-integrated workflows. Includes the risk factors GDPR Article 35 requires, the AI Act overlay, and the sections most often skipped.
- EU AI Office Enforcement Priorities for 2026: What Signals SayThe AI Office hasn't published a formal enforcement plan, but its working papers, staffing decisions, and member-state coordination show where the early actions will land.
- EU AI Act Article 50: Transparency Obligations ExplainedArticle 50 imposes disclosure obligations on anyone deploying chatbots, generating synthetic content, or running emotion-recognition systems. Here's what counts and what doesn't.
- GDPR Article 22 and LLM Automated Decision-MakingArticle 22's prohibition on solely automated decision-making with legal effects applies to many LLM workflows people don't realize. Here's the working test.
- EU AI Act Article 52: A Provider's Disclosure ChecklistWhat Article 52 actually requires of foundation model providers, what the EDPB's draft guidance clarifies, and how to operationalize disclosure without exposing trade secrets.