top of page

Legal Tech and Events: July 5, 2023

Update on EU AI legislation progress and third-party security risk management report highlights.
July 5, 2023

Regulation: EU Parliament Advances Landmark AI Legislation

Last month, the European Union (EU) achieved a crucial milestone by advancing legislation that would establish one of the world's first laws for governing artificial intelligence (AI). The EU Parliament has voted in favor of initiating amendments to the draft legislation concerning AI, including regulations for generative AI systems like ChatGPT.

The EU Parliament's statement highlights several key amendments aimed at refining and expanding the scope of prohibited AI practices. Notably, the definition of AI has been revised to provide greater clarity and specificity. According to the new definition, AI is defined as "a machine-based system designed to operate with varying levels of autonomy, capable of generating outputs such as predictions, recommendations, or decisions that have an impact on physical or virtual environments, whether explicit or implicit in their objectives."

Moreover, the Parliament's draft legislation broadens the classification of "high-risk" AI systems. To qualify as "high-risk" under the AI Act, an AI system must not only fall into one of the listed categories but must also pose a significant threat to people's health, safety, or fundamental rights. This expansion ensures that AI technologies with potential adverse consequences receive appropriate scrutiny and oversight.

While this significant development marks a substantial move towards AI regulation in the EU, it is important to note that the implementation of these rules may take several years. The next crucial step involves three-way negotiations between member countries, the Parliament, and the European Commission.

Report: The Significance of Third-Party Security Risk Management

Today businesses are interconnected with each other which makes them recognize the importance of managing third-party security risks. This stems from the realization that an organization's security posture is only as strong as its weakest link. While organizations can implement robust security measures within their systems, their exposure to potential vulnerabilities increases when engaging with external parties, such as vendors, suppliers, partners, or service providers. One breach within any of these third-party relationships can have damaging consequences.

A new report provides insights and trends from organizations that strengthen this. Below are the highlights:

  • An overwhelming 84% of organizations demonstrate a prioritization of third-party security risk management, indicating a recognition of the potential threats posed by these external relationships.

  • Only 13% of organizations engage in continuous monitoring of their third-party security risks, exposing a significant disparity in prevailing risk management practices.

  • 44% of organizations require a time frame of three weeks or longer to onboard a new third party, which gives light to the complexity of managing these external relationships, particularly when companies are dealing with hundreds or even thousands of third parties.

  • More than half, specifically 52% of organizations, express frustration with manual data collection and vendor communication, highlighting the pressing need for streamlined, automated processes.

  • 43% of organizations do not have enough understanding of the security risks associated with fourth-party vendors.

InfiniGlobe is a full-service consulting and software company. We have 20+ years of industry experience working with top corporate legal departments and law firms. Contact us at or at (833) LGL-TECH.


What Else Are You Interested In?.

We love research and would be happy to share our finding with you.

bottom of page