Processing of Personal Data in the Context of Artificial Intelligence Models

Erdem & Erdem Law Office

Introduction

The European Data Protection Board (‘EDPB’) published Opinion 28/2024[1] examining principal data protection issues arising from the processing of personal data within artificial intelligence (‘AI’) model environments. This Opinion was formulated in response to a request from the Irish Supervisory Authority pursuant to Article 64(2) of the GDPR,[2] acknowledging the extensive deployment[3] of AI technologies and the intricate challenges they present to data protection legislation.

Background

The EDPB’s Opinion was prompted by increasing demand for a harmonised approach to the application of GDPR provisions to AI models throughout the European Economic Area. Organisations increasingly depend upon AI for varied purposes, including enhancing customer services and identifying fraudulent activities. However, the integration of personal data into AI model development and deployment gives rise to significant legal and ethical concerns.

The principal questions examined in the Opinion comprise:

  1. The circumstances under which an AI model may be deemed anonymous.
  2. The suitability of legitimate interest as a lawful basis for data processing during AI development phases.
  3. The suitability of legitimate interest as a lawful basis for data processing during AI deployment phases.
  4. The consequences of utilising unlawfully processed personal data during AI model development for subsequent AI model operations.

The Opinion seeks to provide guidance to supervisory authorities on consistent GDPR enforcement whilst addressing systemic and emerging issues arising from AI technologies.

Scope of the Opinion

Anonymisation of AI Models: Establishing when AI models trained on personal data may be deemed anonymous.

Legitimate Interest: Evaluating how controllers may rely upon legitimate interest as a lawful basis during AI model development and deployment.

Impact of Unlawful Processing: Assessing the ramifications of utilising unlawfully processed personal data during the development phase for subsequent AI model operations.

The EDPB emphasises that its guidance does not constitute an exhaustive solution but rather provides a framework enabling supervisory authorities to evaluate AI-related data protection concerns on a case-by-case basis.

Main Findings of the Opinion

  1. Anonymisation of AI Models:

The EDPB emphasises in the Opinion that AI models trained on personal data cannot be universally deemed anonymous. This determination depends upon whether personal data can be directly or indirectly inferred from the model.

Supervisory authorities must evaluate AI model anonymity through case-by-case analysis. The Opinion provides a non-exhaustive list of methods that may be employed by controllers claiming anonymity, including: model design demonstrating prevention or limitation of personal data collection and use for model training; reduction of data identifiability; prevention of extraction; and resistance to attacks (e.g., membership inference and model inversion).

Anonymity requires that both direct extraction of personal data and unintentional disclosure through queries be negligible under reasonable circumstances.

  2. Legitimate Interest as a Lawful Basis:

The Opinion emphasises that legitimate interest pursuant to Article 6(1)(f) of the GDPR cannot serve as the default lawful basis for personal data processing in AI model training.[4] It further notes that the GDPR establishes no hierarchy amongst the different lawful bases for processing. Controllers must justify the appropriate lawful basis by demonstrating compliance with the three-step test:[5]

  • Identifying the legitimate interest pursued by the controller or a third party. For this purpose, the interest must cumulatively be: (i) lawful; (ii) clearly and specifically articulated; and (iii) real and present.
  • Assessing the necessity of processing for the stated interest by satisfying the ‘necessity test’.
  • Ensuring that the legitimate interest is not overridden by data subjects’ fundamental rights and freedoms by satisfying the ‘balancing test’. Given the complexity of AI models, the reasonable expectations of data subjects regarding processing activities are relevant to the balancing test.

The Opinion includes a non-exhaustive list of mitigating measures during the AI development and deployment phases that could limit the impact of data processing whilst ensuring compliance with transparency and data minimisation principles. For instance, excluding from publications data content concerning vulnerable individuals and refraining from collecting data from websites that object to web scraping may constitute mitigating measures.[6]

  3. Unlawful Processing of Personal Data:

The Opinion identifies three scenarios concerning unlawful processing during AI model development:

  • Scenario 1: Where personal data is retained in the model and used by the same controller during deployment, the impact on lawfulness depends upon the purpose of the subsequent processing.
  • Scenario 2: Where personal data is retained in the model and used by another controller through the deployment of the model, the recipient must verify the lawfulness of the data used in development as part of its accountability obligations to ensure lawful processing and compliance with Articles 5(1)(a) and 6 of the GDPR. In this regard, the EDPB recommends that controllers pay attention to the source of the data and any apparent factors indicating that the initial processing was found unlawful by a supervisory authority or court decision determining infringement of the GDPR by the AI model.
  • Scenario 3: Where personal data is unlawfully processed to develop an AI model and anonymised before deployment by the same or another controller, subsequent operations may not fall within the scope of the GDPR unless personal data is reintroduced. However, where further personal data is collected during the post-anonymisation deployment phase, the GDPR would apply. Consequently, the lawfulness of processing at the deployment phase may be affected by unlawful initial processing, unless the model has been anonymised.

Conclusion

Opinion 28/2024 underscores the EDPB’s commitment to addressing the challenges presented by diverse AI technologies whilst safeguarding data subjects’ rights. By emphasising a case-by-case approach, the Opinion equips supervisory authorities and data protection officers with tools to assess compliance and promote ethical, secure, and responsible innovation.

[1] EDPB, Opinion 28/2024 on certain data protection aspects related to the processing of personal data in the context of AI models, 17.12.2024, Access Date: 06.01.2025, For Access: https://www.edpb.europa.eu/system/files/2024-12/edpb_opinion_202428_ai-models_en.pdf

[2] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) OJ L 119, 4.5.2016, pp. 1–88.

[3] EU AI Act Article 3 defines deployer as follows: “a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity”. Deployment involves the process by which an AI system is put into use by a deployer within their area of authority. This encompasses the integration and application of the AI system in real-world settings to achieve its intended objectives.

[4] CMS Law-Now, 20.12.2024, Access Date: 06.01.2025, For Access: https://cms-lawnow.com/en/ealerts/2024/12/edpb-opinion-28-2024-key-takeaways-on-processing-personal-data-in-the-context-of-ai-models?format=pdf&v=13

[5] For further information on the three-step test, please see: EDPB Guidelines 1/2024 on processing of personal data based on Article 6(1)(f) GDPR, 08.10.2024, Access Date: 06.01.2025, For Access: https://www.edpb.europa.eu/system/files/2024-10/edpb_guidelines_202401_legitimateinterest_en.pdf.

[6] Rosie Nance, Marcus Evans, Francesco Gelmetti, The EDPB Opinion on training AI models using personal data and recent Garante fine – lawful deployment of LLMs, Access Date: 06.01.2025, For Access: https://www.dataprotectionreport.com/2025/01/the-edpb-opinion-on-training-ai-models-using-personal-data-and-recent-garante-fine-lawful-deployment-of-llms/#page=1

This article was authored by Erdem & Erdem Senior Associate Tilbe Birengel
