Photo of Marty Hansen

Marty Hansen

Martin Hansen has over two decades of experience representing some of the world’s leading innovative companies in the internet, IT, e-commerce, and life sciences sectors on a broad range of regulatory, intellectual property, and competition issues, including related to artificial intelligence. Martin has extensive experience in advising clients on matters arising under EU and U.S. law, UK law, the World Trade Organization agreements, and other trade agreements.

The European Commission first published a proposal for an AI Liability Directive (“AILD”) in September 2022 as part of a broader set of initiatives, including proposals for a new Product Liability Directive (“new PLD”) and the EU AI Act (see our blog posts here, here and here).

The AILD was intended to introduce uniform rules for certain aspects of non-contractual civil claims relating to AI, by introducing disclosure requirements and rebuttable presumptions.

However, unlike the new PLD and EU AI Act, which have both been adopted and have entered into force, the AILD has encountered stagnation and resistance during the legislative process.Continue Reading The Future of the AI Liability Directive

The Commission and the European Board for Digital Services have announced the integration of the revised voluntary Code of conduct on countering illegal hate speech online + (“Code of Conduct+”) into the framework of the Digital Services Act (“DSA”). Article 45 of the DSA states that, where significant systemic risks emerge under Article 34(1) (concerning the obligation on very large online platforms (“VLOPs”) and very large online search engines (“VLOSEs”) to identify, analyse, and assess systemic risks), and concern several VLOPs or VLOSEs, the Commission may invite VLOPs and VLOSEs to participate in the drawing up of codes of conduct, including commitments to take risk mitigation measures and to report on those measures and their outcomes. The Code of Conduct+ was adopted in this context. VLOPs and VLOSEs’ adherence to the Code of Conduct+ may be considered as a risk mitigation measure under Article 35 DSA, but participation in and implementation of the Code of Conduct+ “should not in itself presume compliance with [the DSA]” (Recital 104).

The Code of Conduct+—which builds on the Commission’s original Code of Conduct on countering illegal hate speech online, published in 2016—seeks to strengthen how Signatories address content defined by EU and national laws as illegal hate speech. Adhering to the Code of Conduct+’s commitments will be part of the annual independent audit of VLOPs and VLOSEs required by the DSA (Art. 37(1)(b)), but smaller companies are free to sign up to the Code as well.Continue Reading Introduction of the Revised Code of Conduct+ and the Digital Services Act

In case you missed it before the holidays: on 17 December 2024, the UK Government published a consultation on “Copyright and Artificial Intelligence” in which it examines proposals to change the UK’s copyright framework in light of the growth of the artificial intelligence (“AI”) sector.   

The Government sets out the following core objectives for a new copyright and AI framework:

  • Support right holders’ control of their content and, specifically, their ability to be remunerated when AI developers use that content, such as via licensing regimes;
  • Support the development of world-leading AI models in the UK, including by facilitating AI developers’ ability to access and use large volumes of online content to train their models; and
  • Promote greater trust between the creative and AI sectors (and among consumers) by introducing transparency requirements on AI developers about the works they are using to train AI models, and potentially requiring AI-generated outputs to be labelled.

In this post, we consider some of the most noteworthy aspects of the Government’s proposal.Continue Reading UK Government Proposes Copyright & AI Reform  

On November 6, 2024, the UK Information Commissioner’s Office (ICO) released its AI Tools in recruitment audit outcomes report (“Report”). This Report documents the ICO’s findings from a series of consensual audit engagements conducted with AI tool developers and providers. The goal of this process was to assess compliance with data protection law, identify any risks or room for improvement, and provide recommendations for AI providers and recruiters. The audits ran across sourcing, screening, and selection processes in recruitment, but did not include AI tools used to process biometric data, or generative AI. This work follows the publication of the Responsible AI in Recruitment guide by the Department for Science, Innovation, and Technology (DSIT) in March 2024.Continue Reading ICO Audit on AI Recruitment Tools

On 2 December 2024, the European Data Protection Board (“EDPB”) adopted its draft guidelines on Article 48 GDPR (the “Draft Guidelines”). The Draft Guidelines are intended to provide guidance on the GDPR requirements applicable to private companies in the EU that receive requests or binding demands for personal data from public

Continue Reading EDPB adopts draft guidelines on requirements when responding to requests from non-EU public authorities

On November 4, 2024, the European Commission (“Commission”) adopted the implementing regulation on transparency reporting under the Digital Services Act (“DSA”). The implementing regulation is intended to harmonise the format and reporting time periods of the transparency reports required by the DSA.

Transparency reporting is required under Articles 15, 24 and

Continue Reading European Commission Adopts Implementing Regulation on DSA Transparency Reporting Obligations

On 12 July 2024, EU lawmakers published the EU Artificial Intelligence Act (“AI Act”), a first-of-its-kind regulation aiming to harmonise rules on AI models and systems across the EU. The AI Act prohibits certain AI practices, and sets out regulations on “high-risk” AI systems, certain AI systems that pose transparency risks, and general-purpose AI (“GPAI”) models.

The AI Act’s regulations will take effect in different stages.  Rules regarding prohibited practices will apply as of 2 February 2025; obligations on GPAI models will apply as of 2 August 2025; and both transparency obligations and obligations on high-risk AI systems will apply as of 2 August 2026.  That said, there are exceptions for high-risk AI systems and GPAI models already placed on the market:  Continue Reading EU Artificial Intelligence Act Published

On May 30, 2024, the Court of Justice of the EU (“CJEU”) handed down its rulings in several cases (C-665/22, Joined Cases C‑664/22 and C‑666/22, C‑663/22, and Joined Cases C‑662/22 and C‑667/22) concerning the compatibility with EU law of certain Italian measures imposing obligations on providers of online platforms and search engines.  In doing so, the CJEU upheld the so-called “country-of-origin” principle, established in the EU’s e-Commerce Directive and based on the EU Treaties principle of free movement of services.  The country-of-origin principle gives the Member State where an online service provider is established exclusive authority (“competence”) to regulate access to, and exercise of, the provider’s services and prevents other Member States from imposing additional requirements.

We provide below an overview of Court’s key findings.Continue Reading CJEU Upholds Country-of-Origin Principle for Online Service Providers in the EU

Although the final text of the EU AI Act should enter into force in the next few months, many of its obligations will only start to apply two or more years after that (for further details, see our earlier blog here). To address this gap, the Commission is encouraging industry to take early, voluntary steps to implement the Act’s requirements through an initiative it is calling the AI Pact. With the upcoming European elections on the horizon, the Commission on 6 May 2024 published additional details on the AI Pact and encouraged organizations to implement measures addressing “critical aspects of the imminent AI Act, with the aim of curbing potential misuse” and contributing “to a safe use of AI in the run-up to the election.”Continue Reading European Commission Calls on Industry to Commit to the AI Pact in the Run-Up to the European Elections

On April 25, 2024, the UK’s Investigatory Powers (Amendment) Act 2024 (“IP(A)A”) received royal assent and became law.  This law makes the first substantive amendments to the existing Investigatory Powers Act 2016 (“IPA”) since it came into effect, and follows an independent review of the effectiveness of the IPA published in June 2023.Continue Reading Changes to the UK investigatory powers regime receive royal assent