28th Annual BTLJ-BCLT Spring Symposium: (Day 2, Panel 4)

The second panel of the 28th BTLJ‑BCLT Spring Symposium examined the rapidly evolving AI governance landscape in the United Kingdom and the European Union, highlighting legislative shifts, emerging regulatory frameworks, and their practical consequences for technology firms.

Michael Veale outlined how the UK government has scrapped plans for a statutory AI Safety Institute, rebranding it as the AI Security Institute, and how the new Data Access and Use Bill effectively gutted GDPR‑derived safeguards on automated decision‑making. In contrast, the EU is moving forward with sector‑specific rules such as the Platform Work Directive, which extends explanation and review rights to gig‑economy workers and introduces collective‑action mechanisms, while the Digital Markets Act now contemplates AI‑driven virtual assistants as gatekeepers subject to interoperability obligations.

Illustrative cases were cited, including the SCHUFA credit‑scoring judgment that holds upstream data‑providers liable for downstream decisions, and the looming Dun & Bradstreet Austria case on the right to explanation. Veale also warned that Apple’s “Apple Intelligence” may face DMA‑mandated model‑choice requirements, raising security and data‑privacy challenges for on‑device AI.

For businesses, the divergent trajectories mean that compliance strategies must be region‑specific: UK firms may face fewer statutory hurdles but must navigate a looser regulatory environment, whereas EU operators will need to embed robust transparency, explanation, and interoperability features to satisfy both the Platform Work Directive and the AI Act’s modest obligations. Early adaptation will be crucial to avoid legal exposure and to capitalize on emerging market expectations for accountable AI.