Law & Compliance in AI Security & Data Protection (EDPB SPE)
EDPB Support Pool of ExpertsExpert training
An EDPB-commissioned expert training for DPOs and privacy counsel, giving a legally-focused, case-study-driven treatment of how the GDPR, the AI Act and the Data Act interact on AI security and personal-data protection.
- Published by
- European Data Protection Board (EDPB), Support Pool of Experts (SPE) programme — authored by Dr Marco Almada, at the request of the Hellenic DPA (HDPA)
- Type
- Expert training / curriculum for DPOs (legal focus)
- Jurisdiction
- EU / EEA — GDPR, AI Act, Data Act
- Primary audience
- DPOs and privacy professionals with a legal focus
- Topic tags
- AI governance · AI security · GDPR × AI Act · legal analysis
- Availability
- Free PDF (completed Dec 2024; published June 2025); a Creative Commons community version is planned; English
Why it matters
AI governance is landing on the privacy desk, and the hard part is the interface between the GDPR and the AI Act — where obligations overlap, conflict, or leave gaps. This training works exactly that seam, with practical case studies, from a legal (not just technical) angle, and is one of the more rigorous free treatments available. It pairs with the companion SPE technical report on secure AI systems.
Standing caveat: Support Pool of Experts materials reflect the author's independent views, not an official EDPB position — the Board expresses its own position through Guidelines and Opinions. Treat this as an authoritative reference to reason with, not as guidance to cite as the Board's line. Directly useful for AI DPIAs and for briefing legal / AI-governance stakeholders on the GDPR–AI Act overlap.
A Weekly Guidance Watch resource entry, curated by VulaPri. We summarise and link to the original; we do not reproduce or host it. Suggest a correction.
