GDPR is the EU's General Data Protection Regulation from 2018—it's the one that gives people real control over their personal data. It gave individuals real rights to access their data, request deletion, move their data elsewhere, and, importantly, to give informed consent before it’s used.
PII (Personally Identifiable Information) is any data that can identify someone. Beyond the obvious stuff like names and emails, it includes IP addresses and even combinations of data points that together could pinpoint a person.
What's interesting now is how AI is reshaping both. GDPR's automated decision-making restrictions are proving tricky for AI systems, especially around explainability. And AI's pattern recognition means data we thought was anonymous might not be anymore—these models can connect dots in ways that create new identification risks.
It's a rapidly evolving space as regulators and attorneys try to keep pace with the technology. Definitely planning to dive deeper into the regulatory side of things in an upcoming post.
Awesome! What are GDPR and PII?
Hi Josh,
Thanks for the great question!
GDPR is the EU's General Data Protection Regulation from 2018—it's the one that gives people real control over their personal data. It gave individuals real rights to access their data, request deletion, move their data elsewhere, and, importantly, to give informed consent before it’s used.
PII (Personally Identifiable Information) is any data that can identify someone. Beyond the obvious stuff like names and emails, it includes IP addresses and even combinations of data points that together could pinpoint a person.
What's interesting now is how AI is reshaping both. GDPR's automated decision-making restrictions are proving tricky for AI systems, especially around explainability. And AI's pattern recognition means data we thought was anonymous might not be anymore—these models can connect dots in ways that create new identification risks.
It's a rapidly evolving space as regulators and attorneys try to keep pace with the technology. Definitely planning to dive deeper into the regulatory side of things in an upcoming post.
Thanks again for reading!