Latest Articles
· 7 min read

What DUAA 2025 Means for Your AI Training Data

The EU Data Use and Access Act introduces strict provenance and consent requirements for AI training datasets. Here's what your compliance team needs to know — and how to prepare before the enforcement window closes.

Read article
DUAA 2025 Key Requirements
🇪🇺 Art. 12 — Data provenance disclosure
⚠ AI training data must be traceable
✓ Anonymisation satisfies Art. 15
PII must be removed or pseudonymised before AI ingestion
Consent records required per data category
Cross-border transfer rules apply to model training

How to Legally License Your Proprietary Data for AI Training

A step-by-step framework for UK companies licensing proprietary data for AI training — covering CDPA, GDPR obligations, TUPE data restrictions, and what your licensing agreement needs to include.

8 min read Read article

Synthetic Data Provenance: The Missing Link in AI Compliance

Why provenance tracking matters for GDPR audit trails, EU AI Act Article 12 transparency, and downstream liability across multiple AI systems — and what a complete provenance chain actually requires.

10 min read Read article

EU AI Act Training Data Requirements: What High-Quality Actually Means

Article 53, Annex XI, and GPAI obligations — translated into plain English. How to audit your training data for representativeness, accuracy, and documented provenance before August 2026 enforcement.

9 min read Read article

5 Ways the EU AI Act Changes How You License Training Data

Provenance documentation, fine-tuning compliance boundaries, copyright licensing warranties, and downstream data subject rights — what the Act means for every data licence agreement you sign or negotiate.

9 min read Read article

Data Clean Rooms vs Traditional Anonymisation: Why Infrastructure Matters More Than Policy

Tokenisation looks good on paper — but it doesn't survive real regulatory scrutiny. Here's why data clean rooms solve problems pseudonymisation can't touch, and what that means for DUAA 2025 compliance.

8 min read Read article

DUAA 2025: What Data Sellers Need to Know About the New Compliance Landscape

DUAA 2025 puts direct obligations on data suppliers — not just buyers. Provenance documentation, Article 19 anonymisation, lawful basis warrantees, and the contracts you need to update before your next sale.

8 min read Read article

Stay ahead of data regulations

New guidance on DUAA 2025, EU AI Act, and compliant data infrastructure — in your inbox when it matters.

Talk to the team →