After the GDPR: Cybersecurity is the Elephant in the Artificial Intelligence Room

This article presents an analysis of data protection authorities’ (DPAs) enforcement actions undertaken since the implementation of the General Data Protection regula-tion (GDPr) in May 2018. the analysis shows that corporations fail to adopt trans-parent data processing practices and appropriate te...

Descripción completa

Detalles Bibliográficos
Autores: Degli Esposti, Sara, Mocholí Ferrándiz, Ester
Tipo de recurso: artículo
Estado:Versión aceptada para publicación
Fecha de publicación:2021
País:España
Institución:Consejo Superior de Investigaciones Científicas (CSIC)
Repositorio:DIGITAL.CSIC. Repositorio Institucional del CSIC
OAI Identifier:oai:digital.csic.es:10261/263598
Acceso en línea:http://hdl.handle.net/10261/263598
Access Level:acceso abierto
Palabra clave:Data protection law
Cybersecurity
Artificial intelligence
ICO
AEPD
DPA
Big data
Compliance
Supervisory authority
Sanctions
Descripción
Sumario:This article presents an analysis of data protection authorities’ (DPAs) enforcement actions undertaken since the implementation of the General Data Protection regula-tion (GDPr) in May 2018. the analysis shows that corporations fail to adopt trans-parent data processing practices and appropriate technical and organisational measures to secure personal data. By focusing on two specific DPAs, the Spanish AePD and the British ICo, we make practical suggestions on how to foster the healthy develop-ment of the european digital ecosystem and the deployment of trustworthy artificial intelligence in big data environments in the face of growing cybersecurity risks.