You post a photo in a public forum. Leave a comment under a news article. Share a recipe on your blog. Nothing wild. And yet — sentences and images exactly like these are landing by the millions in the training data of the next big AI model. Whether that's actually allowed just got an answer. A draft one, at least.
What the EDPB actually decided
The European Data Protection Board (EDPB, called EDSA in German) adopted two guidelines on July 8, 2026: one on anonymisation, one on web scraping for generative AI. Both are drafts for now — public consultation runs until October 30, 2026, then the final version follows. But the direction is already clear: publicly visible does not mean freely usable.
The three-part test for "anonymous"
The core of the first guideline: a dataset only counts as truly anonymous if it passes three criteria at once. No isolation — you can't pick out a single record. No linkability — you can't connect it to other records. No inference — you can't deduce a person from it. Only when all three hold does something count as anonymous and fall outside GDPR. Important detail: anonymity is relative to the recipient, not an absolute property of the data itself.
And this is exactly where it gets uncomfortable for AI providers: the EDPB found that large language models often fail the third criterion. They tend to reproduce training data — ask the right question and a model sometimes spits out sentences nearly identical to a specific forum post. That's an inference risk right there. Anonymisation, for a lot of training sets, turns out to be wishful thinking rather than reality.
Web scraping for AI training — the new rules
The second guideline goes straight after training itself: GDPR applies to web scraping the moment personal data gets processed — and that starts at collection, not just at training. The EDPB recommends companies scrape only from reliable sources, log timestamps, validate data before training, and collect as little as possible through precise filters. Where informing every individual is practically impossible, a genuine balancing-of-interests test has to stand in — not a blanket excuse buried in the terms of service.
For especially sensitive data — health, sexual orientation, religion — there's a double hurdle: scraping that needs both a legal basis under Article 6 GDPR and an exception under Article 9(2). Two approvals instead of one — that should scramble a few training pipelines.
The catch: who does this even apply to?
Here's where it gets uncomfortable — for the rule, not the providers. On paper, GDPR applies not only to companies in the EU but to anyone targeting EU citizens (the so-called marketplace principle). A US corporation offering its model in Europe is, in theory, covered.
In theory. Because the big models are almost all trained elsewhere — in the US, in China. The training dataset comes together on servers no European regulator will ever lay eyes on. Almost nobody trains such a model from scratch inside the EU; Mistral is the European exception that proves the rule. And even if you wanted to look: how do you tell, from a finished model, which forum post from 2019 is baked into it? You can't rewind a training run like a surveillance tape.
That leaves enforcement. The EU can hand out fines — up to 4% of global turnover, which stings even a US giant. But first someone has to prove the violation, run the proceedings, enforce it across borders. Data protection authorities are chronically understaffed. And a Chinese model that doesn't seriously serve the EU market cares about an EDPB guideline roughly as much as about the weather in Brussels. In the end, the rule mostly hits the players who are reachable and willing to comply anyway.
Is the EU shooting itself in the foot?
Which puts the most uncomfortable question on the table: does Europe trip itself up with rules like these? The suspicion is fair. Rules bind those who follow them — European providers and a pile of small startups. They carry the bureaucratic cost while the training machines in California and Shenzhen just keep running. Europe is already behind in the race for the best models. Slowing its own people down with paperwork right when it should be catching up — that could backfire.
But it's not that simple. The EU is a huge market, and anyone who wants in often prefers to follow the stricter rules everywhere rather than build two separate systems. With cookie banners and privacy policies, this "Brussels effect" shaped half the world — not out of love for the EU, but because one clean pipeline is cheaper than two. So an EU rule can lift the whole industry rather than just handicapping Europe.
The real question, then, isn't "rules or no rules" but "realistic or not." A requirement nobody can meet gets ignored — and then Europe ends up with the worst of both worlds: no real data protection and a competitive disadvantage anyway. If the guidelines stay workable, the big providers might even come along.
What this means for you
First, some reassurance: as long as you're not planning to train your own AI model — and let's assume you're not, that's expert territory — you legally have nothing to do here. The guidelines are aimed at the AI providers, not at you. You're the person whose data gets protected, not the one who needs a legal basis.
It only gets interesting once you want to steer what happens with your data. And that's worth an honest question to yourself: you shared that photo, that comment, that old blog post publicly. Public means — you wanted it read. So why is it worse when an AI model reads along instead of a human? For a lot of it, the honest answer is: it isn't. A recipe or a helpful forum post that ends up in a model and later helps someone out isn't harm — that's the whole point of "public." It gets trickier where things get personal: your writing style, your face, things from a time when nobody expected machines to be reading along. That's where the wish for control is entirely fair.
And you can exercise it — with the same healthy skepticism that already applies to deleting your data from AI systems: a look at the privacy settings on your profiles, and on your own website, a robots rule for training crawlers. Just keep it realistic: the EU has set the direction, but whether it changes anything beyond its own borders will only show up in practice. That's exactly what you're allowed to watch critically — curious, but not naive.
