National Data Protection Commission (CNPD) joins global regulators against risks of AI-generated images

SÉRVULO PUBLICATIONS 02 Mar 2026

On February 23, the National Data Protection Commission (CNPD) signed the Joint Statement on AI-Generated Imagery and the Protection of Privacy, together with authorities such as the Spanish Data Protection Agency (AEPD), the French Data Protection Authority (CNIL), and the European Data Protection Board (EDPB), among a group of 61 regulators. The Statement expresses serious concerns regarding Artificial Intelligence (AI) systems that generate realistic images and videos of identifiable individuals without their knowledge and/or consent, which are then integrated and shared on social media platforms accessible to unrestricted audiences.

The Statement highlights risks such as the creation of non-consensual intimate images, defamation, and other harmful content, including cyberbullying, with particular emphasis on harm caused to children and vulnerable groups. According to the signatory authorities, these AI content-generation systems must be developed and used in compliance with data protection and privacy laws, noting that sharing or creating non-consensual intimate images may constitute a criminal offense in several jurisdictions.

The signatory authorities emphasise key principles for organisations that develop and use AI-powered content generation systems. These organisations should:

Implement robust safeguards to prevent the misuse of personal data and the creation of harmful content, especially involving children;
Ensure transparency regarding the capabilities of AI systems, their acceptable uses, and the consequences of misuse;
Provide effective and swift mechanisms for the removal of harmful content; and
Include additional safeguards concerning children, such as clear information adapted for minors, parents, and educators.

The Statement calls on organisations to collaborate proactively with regulators, implementing protections by design so that technological progress does not compromise privacy, dignity, safety, or fundamental rights, particularly those of the most vulnerable. The signatory authorities also intend, to the extent possible and legally permissible, to share information on their approach to the concerns outlined in the Statement, particularly regarding enforcement actions, policy development, and education. This reflects their shared commitment and coordinated effort to address the global risks posed by these systems.

Ana Ferreira Neves | afn@servulo.com

Maria Miguel Carvalho | mmc@servulo.com

download PDF

Expertise Relacionadas

TMT

Related Lawyers

Ana Ferreira Neves Maria Miguel Carvalho

Latest Related Articles

SÉRVULO PUBLICATIONS 25 Feb 2026
Finance and Governance

Omnibus I: A luz ao fundo do túnel

1. Contexto
Foi publicada a Diretiva (UE) 2026/470 do Parlamento Europeu e do Conselho de 24 de fevereiro de 2026 que altera as Diretivas 2006/43/CE, 2013/34/UE, (UE) 2022/2464 e (UE)...

SÉRVULO PUBLICATIONS 24 Feb 2026
Intellectual Property

New Financing Programme for the Audiovisual and Film Industry – SCRI.PT

On 19 February 2026, Decree-Law No. 57/2026 was published, establishing the Financing Programme for the Audiovisual and Film Industry (SCRI.PT).
This new programme arises in a context of...

SÉRVULO PUBLICATIONS 18 Feb 2026
Real Estate, Tourism and Urban Planning

Calamidade e operações urbanísticas relativas a reconstrução, alteração, conservação e demolição de edifícios danificados ou afetados

Foi publicado no passado dia 13 de fevereiro o Decreto-Lei n.º 40-A/2026, que estabelece um “ regime excecional e temporário de simplificação administrativa e financeira destinado à...