<rss xmlns:atom="http://www.w3.org/2005/Atom" version="2.0"><channel><title>Governance - Tag - vo.rs</title><link>https://vo.rs/tags/governance/</link><description>Governance - Tag - vo.rs</description><generator>Hugo -- gohugo.io</generator><language>en</language><copyright>This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.</copyright><lastBuildDate>Fri, 21 Mar 2025 11:15:00 +0000</lastBuildDate><atom:link href="https://vo.rs/tags/governance/" rel="self" type="application/rss+xml"/><item><title>The Hidden Compliance Risks in Generative AI—and How to Mitigate Them</title><link>https://vo.rs/story/the-hidden-compliance-risks-in-generative-ai-and-how-to-mitigate-them/</link><description>&lt;p&gt;In June 2024 the Italian data-protection authority, the Garante, told OpenAI it had breached the GDPR by training ChatGPT on personal data without a valid legal basis and without telling anyone. The fine, confirmed in December 2024, was €15 million. What makes that number worth remembering is not its size — it is small by the standards of the regulation, which tops out at 4% of global annual turnover — but how ordinary the underlying mistake was. Nobody set out to break the law. They scraped the web, trained a model, and shipped it, exactly the way most teams now bolt a generative feature onto a product. The compliance risk did not arrive as a dramatic event. It was baked in from the first training run and nobody noticed until a regulator did.&lt;/p&gt;</description><pubDate>Fri, 21 Mar 2025 11:15:00 +0000</pubDate></item></channel></rss>