Germany: Adopted Data Protection Conference (DSK) guidance on AI and data protection

On 6 May 2024, the German Data Protection Conference (DSK) published guidelines on the use of Artificial Intelligence (AI) and compliance with data protection regulations. The guidance provides criteria for the lawful deployment of AI applications, including considerations for legality, personal data processing, training in compliance with data protection laws, and transparency requirements. It serves as a manual for selecting, implementing, and using AI applications in a manner that respects data protection principles. Additionally, it addresses the responsibilities of deployers, the necessity of Data Protection Impact Assessments (DPIA), and the importance of monitoring legal and technical developments in AI application use.