Blog – Page 119 – CIO.works

EU Sails Past Deadline to Tame AI Models Amid Vocal US Opposition

EU fails to meet deadline to regulate AI amid US lobbying, with concerns over new rules following surge in AI use post-ChatGPT. Efforts to establish a “code of practice” for AI models face criticism from US tech firms and concerns from European lawmakers about diluting regulations. The US government has echoed these criticisms, complicating the EU's regulatory ambition. The outcome hinges on cooperation from major AI companies as August 2 compliance deadline approaches.

https://www.politico.eu/article/eu-deadline-artificial-intelligence-models-lobbying/

Corporate Compliance Under the EU Artificial Intelligence Act: Legal Framework and Strategic Implications

By CIO / Blog / regulation, EU, AI

EU's Artificial Intelligence Act establishes a comprehensive legal framework for AI, imposing obligations on companies within and outside the EU. It adopts a risk-based approach requiring compliance assessments, internal policies on generative AI, and ongoing monitoring after deployment. The Act categorizes AI systems by risk level, outlines compliance procedures, and mandates transparency and incident reporting. Non-compliance can result in significant penalties. The Act aims to unify the internal market, mitigate risks, and foster trustworthy AI development. Companies must proactively embrace compliance for strategic advantage.

https://www.leadersleague.com/en/news/corporate-compliance-eu-artificial-intelligence-act

Now’s Our Chance to Lead on AI Regulation

By CIO / Blog / regulation, AI

TLDR: New Zealand has the opportunity to lead AI regulation by requiring government transparency in AI use, ensuring public trust and appropriate oversight. Current frameworks can manage AI in the private sector, but government applications need strict transparency to avoid misuse and bias.

https://newsroom.co.nz/2025/05/05/nows-our-chance-to-lead-on-ai-regulation/

AI Chat Support and GDPR: Ensuring Data Privacy in Automated Conversations

By CIO / Blog / GDPR, AI, data protection

AI chat support must comply with GDPR for data privacy, especially in the EU. Businesses should transparently inform users about data collection, limit data to what's necessary, ensure accuracy, and securely store information. Avoid common pitfalls like neglecting user consent and indefinite data storage. Tools like Kodif can streamline GDPR compliance through features like consent management, data anonymization, and audit trails, reinforcing the importance of data privacy as a competitive advantage.

https://techbullion.com/ai-chat-support-and-gdpr-ensuring-data-privacy-in-automated-conversations/

AI Chat Support and GDPR: Ensuring Data Privacy in Automated Conversations

By CIO / Blog / AI, GDPR, data protection

AI chat support offers businesses efficient customer service but raises data privacy concerns under GDPR in the EU. Compliance requires clear user information regarding data collection, purpose limitation, and data protection principles. Chatbots must ensure transparency, minimal data collection, user data accuracy, timely deletion, security, and provide users control over their data. Mistakes can lead to fines and reputation loss. Platforms like Kodif streamline compliance through automation. Prioritizing GDPR compliance fosters customer trust and enhances business reputation.

https://techbullion.com/ai-chat-support-and-gdpr-ensuring-data-privacy-in-automated-conversations/

Threat Intelligence Platforms

By CIO / Blog / cybersecurity

CISOs are increasingly adopting Threat Intelligence Platforms (TIPs) by 2025 for proactive security, driven by growing cyber threats. TIPs now integrate AI for advanced data analysis, automation, and threat prediction. Key trends include converged security operations, geopolitical intelligence, ransomware defense, regulatory compliance automation, and human-centric threat modeling. Success hinges on cultural and operational transformation within organizations, emphasizing collaboration, continuous learning, and proactive risk management. TIPs are seen as a strategic asset, enhancing cybersecurity from a cost center to a competitive advantage.

https://cybersecuritynews.com/threat-intelligence-platforms/

Cyberattacks Highlight Urgent Need for Zero Trust Security

By CIO / Blog / cybersecurity, uk

Cyberattacks, like the disruption at Marks & Spencer, signal a crucial need for Zero Trust security as traditional password practices fail against evolving threats. Experts emphasize identity-focused cybersecurity, advocating for preemptive measures and multi-factor authentication. A trend toward identity-based attacks highlights the inadequacy of legacy defenses. Analysts stress the importance of AI-driven approaches for real-time threat detection and rapid response to minimize damage and restore trust. Organizations are urged to invest in integrated strategies to remain resilient against increasingly sophisticated cyber challenges.

https://securitybrief.co.uk/story/cyberattacks-highlight-urgent-need-for-zero-trust-security

Age Verification in the European Union: The Commission’s Age Verification App

By CIO / Blog / privacy, EU

EU's Age Verification App aims to verify users' ages via digital wallets but poses privacy and accessibility concerns. It relies on various methods (eIDs, biometric data), but many marginalized groups may be excluded, risking their access to online services. Privacy measures in the app are not mandatory, and the reliance on zero-knowledge proofs and verification regulations may not adequately protect user data. The initiative could hinder democratic access while attempting to safeguard children online. More robust regulations and equitable access solutions are needed.

https://www.eff.org/deeplinks/2025/04/age-verification-european-union-mini-id-wallet

Digital Identities and the Future of Age Verification in Europe

By CIO / Blog / EU, privacy

EU age verification trends push digital identities for user safety, but raise privacy concerns. Proposals may mandate age checks, risking free expression and contradicting children's rights. Current laws suggest age evaluations without explicit requirement. Upcoming digital identity wallets planned for 2026 could be used for age verification, potentially expanding beyond intended limits, creating further privacy issues. EFF critiques this approach, urging to prioritize user rights.

https://www.eff.org/deeplinks/2025/04/digital-identities-and-future-age-verification-europe

Microsoft Getting Nervous About Europe’s Tech Independence

By CIO / Blog / data protection, Microsoft

Microsoft is reacting to growing European skepticism about US tech companies by reinforcing data privacy commitments and enhancing its cloud infrastructure in Europe. Amid concerns over US policies and potential data vulnerabilities, Microsoft plans to increase its European data center capacity by 40%, implement a governance model compliant with European laws, and legally commit to contesting any government orders that threaten its operations in Europe. This strategy aims to restore customer trust and ensure compliance with local regulations amidst geopolitical tensions.

https://www.theregister.com/2025/04/30/microsoft_getting_nervous_about_europes/