Blog Posts
Seven lawsuits against OpenAI: when ChatGPT becomes a risk instead of a tool
Seven lawsuits against OpenAI expose how ChatGPT allegedly encouraged vulnerable users toward suicide and reinforced delusional thinking. Claims range from wrongful death to product liability, raising questions about the speed of GPT-4o's release and the absence of crisis detection.
EDPS Sharpens GenAI Guidance: From Abstract Principles to Concrete Compliance
The European Data Protection Supervisor published a revised version of its GenAI guidance on October 28, 2025. With a practical compliance checklist, clear role definitions, and concrete guidance from development to management, it becomes clearer what organizations must do when deploying generative AI.
Mis geen enkele EU AI Act update
Krijg de belangrijkste ontwikkelingen, praktische tips en expert analyses direct in je inbox.
- Wekelijkse updates over nieuwe regelgeving
- Praktische implementatie tips
- Exclusieve expert interviews
- Gratis compliance checklists
Geen spam, uitschrijven kan altijd
EU AI Act implementation accelerates through standards
CEN and CENELEC have taken exceptional measures to deliver core standards for the EU AI Act faster. With a clear timeline toward 2026, compliance is becoming increasingly concrete. Discover what this means and how you can prepare today.
AI Act incident reporting: consultation open NOW
Until November 7, 2025, the European Commission is requesting feedback on the draft guidance and reporting template for reporting serious AI incidents. For organizations deploying AI in safety-critical domains, this is THE moment to participate in shaping the harmonized reporting chain.
Governance Architecture in Brussels: The Scientific Advisory Layer Is Coming
The EU AI Act is getting a Scientific Panel of 60 independent experts who will lay the technical foundation for policy and supervision from 2026. What does this scientific advisory layer mean for organizations working with GPAI and high-risk AI?
AI literacy is now enforceable policy: what organizations must demonstrably have in place
The Dutch DPA publishes a follow-up guidance on AI literacy. Not as a standalone campaign, but as a blueprint for how organizations structurally embed AI knowledge. Since February 2025, the obligation from the AI Regulation applies; supervision starts in August 2026.
Shadow AI: the invisible governance challenge for organizations
While organizations set up their official AI governance, a parallel universe of unauthorized AI tools is growing. Research shows that 90% of AI applications in companies are not approved by IT, with all associated compliance risks.
Don't trust chatbots as voting guides: what the DPA actually proved and why it matters
The Dutch Data Protection Authority tested four AI chatbots as voting guides and discovered an alarming pattern: more than half of all recommendations went to just two parties, regardless of the voter profile entered. What does this mean for organizations offering chat functionality?
From privacy by design to AI by design: the new development standard for software companies
With the explosive growth of AI in products and services, it's essential to incorporate AI aspects from the design phase. Just as privacy by design and security by design became mandatory, AI by design is now the new reality to prevent compliance from becoming a bottleneck later.
DMA and GDPR United: Why These New Guidelines Change the Rules for Major Platforms
The European Commission and EDPB published joint guidelines clarifying for the first time how the Digital Markets Act and GDPR intersect. For gatekeepers like Meta, Google, and Apple, this represents a fundamental shift in how they must obtain consent and combine data.
AI Factories: Europe's new infrastructure for AI innovation
In October 2025, the EU expands its AI Factories network with six new locations, including the Netherlands. An analysis of what this infrastructure means for SMEs and startups seeking access to advanced AI capacity.
EU's €1 Billion 'Apply AI' Strategy: From Regulation to Innovation
On October 8, 2025, the European Commission launched the 'Apply AI' initiative: €1 billion to deploy AI in key industries. This marks a strategic shift from pure regulation to actively stimulating AI adoption, focused on technological sovereignty and competitiveness.
Dutch Court Forces Meta to Modify Timeline Algorithms: Landmark DSA Enforcement
Amsterdam District Court rules that Meta's automatic reset to algorithmic feed is a prohibited 'dark pattern.' Meta gets 2 weeks to make chronological timeline permanent or faces €100,000 daily penalty.
LinkedIn AI controversy: why the Dutch DPA is raising alarm about your data
The Dutch Data Protection Authority actively warns against LinkedIn's plans to use user data for AI training. An analysis of the privacy implications and what this means for GDPR compliance.
Responsible AI in practice: why it matters, how to organize it, and where it often goes wrong
Responsible AI determines whether algorithms deliver value without harming people and whether your organization gains or loses trust. From international principles to operational discipline: a practical guide with concrete examples, proven approaches, and recurring pitfalls.
AI Act enforcement readiness: are organizations prepared for the first wave of enforcement?
While penalty provisions have been in effect since August 2025, reality shows a fragmented picture of enforcement readiness. An analysis of compliance gaps, national authorities, and practical preparation steps.
AI Governance in 2025: From Regulation to Operational Reality
2025 marks a pivotal year in AI Governance: from experimental frameworks to operational compliance. An analysis of dominant trends, practical challenges, and strategic opportunities for organizations.
GPAI vendor assurance: from Code of Practice to audits and EN standards
From a ‘voluntary’ GPAI Code to a practical vendor‑assurance process with clear evidence, workable obligations, and a realistic path to EN standards.
Procurement under the EU AI Act: model clauses to embed the GPAI code in contracts
The EU has published a Code of Practice for general-purpose AI (GPAI) that helps providers demonstrably comply with transparency, copyright and safety requirements. Formally voluntary, but practically a translation of AI Act obligations. Learn how to anchor this contractually with concrete clause examples.
Latombe v. Commission: the Court upholds the EU-US Data Privacy Framework
The European Union's General Court dismisses the appeal against the EU-US Data Privacy Framework. An important milestone providing clarity after years of uncertainty around international data transfers.
The mandatory Public Summary of Training Content under the EU AI Act: how to make it good, complete and safe
The European Commission has published an official template for model providers to publish a public-friendly summary of their training content. A practical guide to comply with transparency obligations for general-purpose AI models.
Dutch AI sandbox: how it will work and what benefits it offers
The AI Regulation requires each member state to have at least one operational AI regulatory sandbox by August 2026. The Netherlands has published a detailed design proposal. Discover how the process works and what your organization can prepare practically.
All risk assessments under the EU AI Act explained: what does this mean for your organization?
A comprehensive legal analysis of all mandatory risk assessments under the EU AI Act, including conformity assessments, FRIAs, and specific requirements for GPAI models and biometric systems.
European Commission Withdraws AI Liability Directive: Implications for AI Liability in the EU
The European Commission withdrew the AI Liability Directive in February 2025 due to lack of consensus. This has significant implications for AI liability within the EU.
DPIA vs FRIA: practical guide for compliance in 2025
With the EU AI regulation comes a new obligation alongside the familiar DPIA from the GDPR: the FRIA. What are the differences between these impact assessments and how do they relate to each other in practice?
EU AI regulation code of practice: tech giants sign, Meta refuses
The European Commission has officially recognized the voluntary code of practice for AI models as a legitimate compliance instrument under the AI regulation. While OpenAI, Google, xAI and Anthropic sign, Meta refuses participation and the US criticizes the European approach.
Algorithm Registry – Foundation for Responsible AI Usage in the Netherlands
Since the introduction of the Dutch Government's Algorithm Registry in 2022, the Netherlands has been internationally recognized as a pioneer in transparent algorithm administration. Currently, approximately one thousand algorithms are registered and the registry grows daily.
Meaningful human oversight in practice
The Dutch Data Protection Authority recently published comprehensive guidelines on meaningful human oversight in automated decision-making. In this blog, I translate the main principles into concrete lessons for organizations that want to work responsibly with data-driven decisions.
Who (and why) the biggest AI players embrace – or reject – the new EU 'Code of Practice'
On July 10, 2025, the European Commission published the definitive General-Purpose AI Code of Practice. An analysis of which companies are signing, refusing, or still deliberating – and why.
AP summer 2025 report: emotion recognition under the AI Act is 'dubious and risky'
The Dutch Data Protection Authority concludes in its semi-annual report that AI systems for emotion recognition are built on 'disputed assumptions' and pose risks for discrimination and privacy violations.
The code of practice for general-purpose AI: new standards for transparency, safety and copyright
On July 10, 2025, the European Commission published the definitive Code of Practice for general-purpose AI models. A practical analysis of the new transparency, safety and copyright obligations.
AI Literacy: How to Build a Mature Organizational Culture
A practical guide based on the guidance from the Dutch Data Protection Authority (AP) for implementing AI literacy in your organization, in line with the EU AI Act.
The EU AI act in the public sector: A comprehensive guide for governments
A complete handbook for government organizations on EU AI act implementation, focusing on deadlines, obligations, and practical compliance steps for the public sector.
The AI Act Has Really Started – What Has Happened Since?
Eleven months after the EU AI Act came into force: the first prohibitions apply, employees must be demonstrably AI-literate, and consultations are flying around Brussels. A practical update on all major developments.
High-risk AI systems under the EU AI Act - a sector-by-sector guide
A detailed explanation of the eight sectors classified as high-risk under the EU AI Act, with practical compliance tips for organizations.
Unlocking AI's black box: Why explainable AI is crucial
Why can we often not understand AI? This blog dives into the 'black box' of AI and explains why explainability (XAI) is essential for trust, fairness, and control, especially in light of the EU AI Act.
How to Maintain Control Over AI: Human Agency and Oversight in the AI Era
How do we as humans maintain grip on AI? This blog discusses concrete ways to maintain control, with examples and tips based on the EU AI Act.
The EU AI act in 2025: A detailed overview of recent developments
An in-depth analysis of the EU AI act implementation in 2025, focusing on initial applications, Commission guidelines, and implications for businesses.
AI Regulatory Sandboxes in the EU AI Act
In this blog post, we explain how AI sandboxes enable innovation under the EU AI Act. A practical guide to testing AI systems in a safe environment, with special focus on SMEs and startups.
3 Weeks Left: Is Your Organization Ready for the AI Literacy Requirements?
From February 2, 2025, all employees working with AI must be sufficiently AI literate. Learn how to prepare your organization in time for this new EU AI Act requirement.
Impact of the EU AI Act on Start-ups and SMEs: A Complete Guide for 2025
Discover how the EU AI Act affects start-ups and SMEs. From compliance requirements to practical tips, including exceptions and supporting measures for smaller companies.
AI and Privacy in 2025: how organizations can comply with the EU AI Act
A practical guide for organizations on how to comply with the new privacy requirements of the EU AI Act in 2025.
Europe at a Crossroads: The Future of AI Innovation and Regulation
How is Europe positioning itself in the global AI race? Discover the balance between groundbreaking innovation and smart regulation that the EU strives for.
AI Governance under the EU AI Act: A Practical Guide
From boardroom to workplace: practical guidelines for implementing responsible AI systems within your organization.
Prohibited AI Systems under the EU AI Act
Which AI applications will no longer be allowed? A clear explanation of the boundaries Europe sets for artificial intelligence.
Impact of the EU AI Act on Different Sectors
An analysis of how the EU AI Act will influence different sectors and businesses.
From Provider to User: Responsibilities under the EU AI Act
Who is responsible for what in AI development and usage? Discover the roles and duties of all players in the AI chain.
AI Systems According to the EU AI Act: A Broad Definition
When do we actually speak of AI? Dive into the official definition and discover why the EU opts for a broad interpretation of artificial intelligence.
The EU AI Act: An In-depth Analysis
Discover the world's first comprehensive AI legislation. What does this milestone mean for the future of artificial intelligence in Europe?
The EU AI Act: A General Overview
A general exploration of the EU AI Act and its key aspects.