Blog

Generative artificial intelligence is a data-intensive method of developing applications and services. The market that revolves around it has had exponential growth and created high expectations. As recital 7 of the GDPR explains that “Those developments require a strong and more coherent data...

Data protection by design encourages the creation of data protection compliance processing activities from the first moment of their conception, eliminating possible redesign costs, thus complying with the requirements of the Public Sector Contracts Law in relation to compliance with current data...

Control over the data subject's own identity is one of the most important aspects of data protection today. The introduction of eIDAS2 marks a significant evolution in the European Union’s (EU) approach to digital identity.

In this article we propose the assessment of the training processing of an AI system based on machine learning and neural networks.

The right to data protection is not an absolute right, it is limited by other fundamental rights and constitutionally protected legal rights (Constitutional Court ruling 292/2000, of 30 November). An essential interest for the life of the data subject or of a third party may therefore prevail over...

This is the second in a series of articles detailing the Agency's participation in other international forums in which data protection also plays an important role. In this case, we are talking about the Organisation for Economic Co-operation and Development (OECD). In this post we briefly explain...

Probabilistic or estimative methods have proven to be powerful tools for processing personal data and are used in many digital services and applications, but they pose dilemmas regarding compliance with the principle of accuracy, because their nature implies possible cases of false negatives, false...

In this post, we discuss the potential implications of treating identity as a service rather than a fundamental right and how the shift towards identity as a service impacts individuals' control over their personal data. The commodification of identity may affect citizens' rights and freedoms...

The Spanish Data Protection Agency (AEPD) has an intense international activity focused especially on the European Union and the bodies in which it has the legal obligation to participate, such as the European Data Protection Board.