Deployment of AI in the Workplace in France – The Importance of Consulting with the Work Forces

February 26th, 2025 | Posted by Claude-Etienne Armingaud in Artificial intelligence - (0 Comments)

In a significant ruling on 14 February 2025, the First Instance Court of Nanterre, France ordered a company to suspend the deployment of several artificial intelligence tools until proper consultation with its Works Council has been completed.

The company started implementing new AI applications while the mandatory Works Council consultation process was still ongoing. Despite the claim that these tools were merely in a “pilot phase,” the court found that their deployment to employees constituted actual implementation rather than simple experimentation.

The court’s decision emphasizes the importance of respecting employee representation rights in the digital transformation of workplaces, especially in France. This injunctive relief ruled that the premature implementation of the AI tools constituted a “manifestly unlawful disturbance” of the Works Council prerogatives.

This case sets an important precedent for companies implementing AI technologies in France, highlighting the necessity of proper employee consultation procedures before deploying new technological tools in the workplace, in addition to the recently adopted EU AI Act.

New EDPB Statement on Age Assurance: What You Need to Know

February 17th, 2025 | Posted by Claude-Etienne Armingaud in Non classé - (0 Comments)

On 11 February 2024, the European Data Protection Board (EDPB) adopted a new statement on age assurance. This statement, while not legally binding, will guide the enforcement of age-gating methods across the EU. Age assurance refers to the methods used to determine an individual’s age or age range with varying levels of confidence or certainty.

The EDPB’s statement addresses several online scenarios where age verification is crucial. These include situations where legal age requirements exist for purchasing products, using services that could pose risks to children, or engaging in legal activities. It also emphasizes the responsibility to protect children by ensuring that services are designed and provided in an age-appropriate manner.

Platforms publishing notably adult content and which may be mandated under local laws to implement age control methods will need to take this guidance into consideration.

Implementation Requirements

Perform and document a risk-based assessment explaining the necessity of age assurance for your service and identifying specific risks. The age verification system should collect only the minimum age-related data necessary, typically just determining if a user is above or below the relevant age threshold. The chosen method must not enable tracking, profiling, or identification beyond what’s necessary for age verification.

Technical Requirements

Implement privacy-enhancing technologies that favor user-held data and secure local processing. Ensure multiple verification methods are available to prevent discrimination against users without access to certain tools. Consider a “no-log” policy where age verification data is not retained after the process.

Required Documentation

Conduct a Data Protection Impact Assessment (DPIA) before implementing any age assurance system. Develop clear policies documenting your age assurance governance framework, including roles and responsibilities, data protection measures, and compliance monitoring procedures.

From chaos to control: Compliance with DORA, NIS2 and the EU AI Act

February 13th, 2025 | Posted by Claude-Etienne Armingaud in Conference | Europe | France | IT | Legislation | Privacy - (0 Comments)

Streamline Compliance, Optimize Cybersecurity Risk, and Protect Your Business with a Unified Approach

It’s time to move beyond reactive risk management. This event series is dedicated to the cybersecurity and business continuity regulations DORA and NIS2 as well as the EU AI Act and how integrated risk management can help you stay compliant. 

Join our expert-led sessions to discover how Integrated Risk Management (IRM) is no longer a luxury, but a necessity for navigating today’s complex business environment. You will find out how you can move from a siloed approach to a more holistic management of risks weighing on your business.

During the webinar, our team of experts will be focussing in more detail on:

  • What NIS2, DORA and the EU AI Act mean in terms of compliance for businesses across Europe
  • Why Integrated Risk Management is a must for organizations who want to confidently navigate these regulatory challenges.

During our deminar session, find out how to focus on what matters and manage what counts. See NAVEX One in action!

Our team of experts will showcase a practical use case demonstrating

  • How to transition from inefficient spreadsheets to a fully integrated IRM system
  • What it needs to become compliant with NIS2, DORA and the EU AI Act
  • How your programme will be able to achieve measurable ROI and cost savings for your business.

Speakers

Jan Strappers

Jan Stappers

Regulatory Solution Director

NAVEX

Image of Jason

Jason Gottschalk

Partner – Cyber Security Practice

BDO LLP (London)

Claude-Etienne Armingaud

Partner

K&L Gates (Paris)

Dr. Ulrike Elteste

Counsel

K&L Gates (Frankfurt)

More information & registration here

Chambers France: TMT – Data Protection 2025

February 10th, 2025 | Posted by Claude-Etienne Armingaud in Privacy | Rankings - (0 Comments)

Ranked as “Up & Coming”

SourceChambers Europe

Client testimonials:

“Claude-Étienne Armingaud is a true joy to work with. He is always prepared, knowledgeable in his areas of expertise and brings such a friendly attitude to the relationship.”

Claude-Étienne Armingaud is a premier expert in his area. He works hard to stay ahead of the trends to offer quality advice, and it shows.”

”Claude-Étienne Armingaud’s multiculturalism is present in his broad understanding of various aspects of the law. He’s the French Swiss Army knife of lawyers.”

”Claude-Étienne Armingaud is an exceptional expert in the field of new technologies and digital law. His in-depth knowledge of IT issues places him among the key leaders in the sector in France.”

”Claude-Étienne Armingaud provides sophisticated yet very practical advice, which is exactly what clients require. He is definitively a market leader. He is also very approachable and down to earth.”