German Privacy Authorities Eye Key Role in Upcoming EU AI Act

Germany's privacy regulators are positioning themselves to play a central role in governing AI systems as new rules loom. The Data Protection Conference issued extensive guidance on lawfully deploying AI applications involving personal data. The recommendations cover legal bases, transparency, anti-discrimination checks and other requirements.

Simultaneously, the Conference published its stance that existing data protection authorities should become the primary national enforcers of the EU's incoming AI Act. Their proposal would designate the Federal Commissioner as the lead agency, while allowing some sector-specific exemptions.

The authorities argue their expertise overseeing data-driven technologies under GDPR makes them suited for this role. Centralizing AI oversight under them could promote uniform enforcement and prevent overlapping bureaucracy. However, taking on such expansive new responsibilities would require proper staffing and resources.