On Wednesday 23 April, the European Data Protection Supervisor (EDPS), Wojciech Wiewiórowski, presented his agency’s annual report for 2024, a year marked by work relating to artificial intelligence. The EDPS launched its AI Strategy in May 2024, based on three pillars: governance, risk management and supervision.
In October 2024, it also created an ‘AI unit’ responsible for ensuring that the AI systems used by the European institutions comply with European legislation on artificial intelligence (‘AI Act’). Tasks include handling complaints, conducting audits and reviewing Fundamental Rights Impact Assessments.
More generally, the EDPS responded to 97 legislative consultation requests from the European Commission in the form of opinions or comments on the data protection implications of draft laws or international agreements in various fields.
Last year also saw the conclusion of the investigation into the contract between the European Commission and Microsoft tools, which breached data protection rules (see EUROPE 13368/14).
Audits were also conducted among the various institutions to identify any limitations in their data protection practices. The EDPS also dealt with complaints from individuals who believed that the institutions had infringed their data protection rights, for example in recruitment testing or in micro-targeting campaigns on social networks.
See the full 2024 report: https://aeur.eu/f/ghy (Original version in French by Léa Marchal)