EU’s AI Act versus GDPR – are there overlaps and contradictions?

Post updated 31.03.2025

In our previous post on the AI Act, we concluded with a remark concerning the AI Act and the GDPR (General Data Protection Regulation): Are the two regulations aligned, or are there contradictions?

In this post we want to explore this question.

NOTE: When speaking about personal data and data subjects in the following, it is in the context of the GDPR. In addition, our concerns about AI and GDPR are mainly directed at general-purpose AI systems (GPAI-systems) where large amounts of (scraped) data is used to train the GPAI-model on which the GPAI-system is built. (See box F below for exact definitions.)

The scope of the AI Act is comprehensive – it applies to any actor and user of AI systems within the jurisdiction of the European Union law, regardless of the actor’s country of residence.

As the GDPR, the AI Act is a regulation, contrary to a directive, which means that EU member countries have to implement it in their own legislation with only minor adaptive changes. The AI Act has EEA (European Economic Area) relevance as well, which means that the AI Act has to be implemented in Norwegian legislation – as the GDPR was.

Intersection between AI and Privacy regulation [Source]

The diagram shown illustrates the situation: There are some obvious overlaps because AI systems may process personal data, and so GDPR principles apply.

On that basis, we could say “end of story” and “case closed”. However, there are some differences and potential conflicts, making it worthwhile to spend some time on the issue.

It is beyond the scope of this blog post to cover all aspects of the issue at hand, so let’s discuss the fundamentals, with what’s most relevant to Runbox in mind.

(more…)

Continue Reading →

The Runbox Difference: Real People, Real Support

At Runbox, we pride ourselves on offering personalized support. We are employee owned, which means our team is truly invested in your success. We know how crucial your inbox is, and we believe that fast, effective support can make all the difference in your email experience. When you reach out, you’re communicating with real people, not chatbots or someone with a script. Our support team are co-owners of the company, and know the service inside and out. We genuinely care about helping you. Unlike big companies, where support can feel impersonal, we provide expert assistance tailored to your needs. Whether you’re facing a technical issue or need advice, we’re here to make sure your email works the way you want.

(more…)

Continue Reading →

The FTC’s Report on Big Tech’s Personal Data Overreach: What You Need to Know

The Federal Trade Commission (FTC) has released a report exposing how Big Tech companies are overstepping privacy boundaries in their quest for user data. The report reveals the massive amount of personal information these companies collect, store, and profit from. Often, this is done without clear user consent or transparency. As concerns over data privacy grow, the report highlights the urgent need for stronger regulation and more responsible data practices.

In this blog post, we’ll break down the key findings of the FTC’s report and discuss how this overreach affects your privacy, along with what actions you can take to protect your data.

Key Findings of the FTC’s Report on Big Tech’s Data Practices

The FTC’s report, titled “A Look Behind the Screens: Examining the Data Practices of Social Media and Video Streaming Services” offers an in-depth look at how major technology companies, including Facebook (Meta), Google, Amazon, and others, are handling your personal data. Below are some of the major findings:

(more…)

Continue Reading →

Domains are for life, not just for…

We’ve written before about domains and how you can use your own domain with Runbox. However, there are some considerations to be made before you decide to get a domain and it’s easy to overlook some of the responsibilities you might be taking on.

In this blog post we want to add some further details to the topic of registering and owning a domain based on some of the ongoing considerations (and problems) our own customers have had to face when managing their domains.

(more…)

Continue Reading →

EU’s AI Act: What it is all about

From the perspective of the general public and society as a whole, so-called Artificial Intelligence (AI) was largely invisible until OpenAI removed the veil over GPT-3.5/ChatGPT in 2022.

Since then, the interest and use of AI, and General Purpose AI (GPAI), has exploded. AI implementations are creeping in everywhere, to great benefit in many respects. However, the warning signs are many — manipulated images, fabricated conversations, falsified news stories, and fake video-presented events can lead to unforeseeable negative consequences, for instance in influencing democratic elections.

This is also the case when AI is used to make decisions, since we know that there is always a risk of “AI hallucinations” where AI software produces incorrect or misleading information.

This simplified outline can serve as background for the EU’s AI Act, whose purpose is to put a societal control over the use and influence of AI/GPAI in particular, and the big tech companies in general.

So let’s dig into the matter, with the aim to describe what EU AI Act is, and to clarify its consequences, if any, for Runbox.

(more…)

Continue Reading →

Runbox Ensures User Security and Privacy through Unique Email Addresses

Runbox is dedicated to maintaining user security and privacy. A key practice that supports this commitment is our policy of not recycling email addresses. We do not assign old addresses to someone else.

Runbox is committed to user security and privacy, and a fundamental part of this commitment is our policy of always using unique email addresses for our users. We understand that your email address is a critical component of your digital identity, which is why we never reassign old addresses to new users. This practice safeguards your personal information and ensures that your communications remain private and secure.

By avoiding the reuse of email addresses, we help eliminate the risks associated with recycled addresses. This includes potential unauthorized access to sensitive information or confusion from multiple users sharing the same address. This approach not only protects your identity but also fosters a more reliable and trustworthy communication environment.

Using unique email addresses offers several benefits:

(more…)

Continue Reading →

Empowering Environmental Organizations with Free Email Services

In an age where digital communication is essential, the tools we use to connect can significantly impact our mission and reach. We are committed to fostering a sustainable future, and support those who work tirelessly to protect our planet. As part of this mission we offer free email services to environmental organizations.

Who We Are

Runbox is an environmentally conscious email service provider that prioritizes privacy, security, and sustainability. Based in Norway, Runbox operates on renewable energy and aims to minimize our carbon footprint. Our services are designed to be user-friendly while offering advanced features that cater to both individual users and organizations.

Supporting Environmental Organizations

This program is part of our broader commitment to fostering a sustainable future and supporting those who work tirelessly to protect our planet. It reflects our dedication to supporting causes that align with our values. Effective communication can lead to increased awareness, greater community engagement, and stronger advocacy efforts. This support helps create a network of informed and active citizens dedicated to environmental causes.

(more…)

Continue Reading →

Runbox Introduces New Affordable 3-Year Price Plans

Runbox is dedicated to providing sustainable email services from the heart of Norway, where strict privacy regulations safeguard your data. We’re excited to introduce 3-year plans that offer a 20% discount. By choosing Runbox, you support sustainable practices that make a positive impact on the environment while enjoying fast, secure, and privacy protected email services from Norway.

We pride ourselves on delivering premium email services at an affordable price. In fact, we have not increased our prices since our company’s inception, and at the same time we have added substantial storage to all our plans. In a time when price hikes on essential services have become the norm, we believe in offering you predictability and stability for a service as vital as email.

(more…)

Continue Reading →

There’s No Such Thing as Free Email.  

The Real Cost of Our Digital Communications is Our Privacy. 

You’ve been happily using “free” email for years, and haven’t thought much about it. The problem is that it’s not really free. You become the product, and you pay with your privacy. Let’s dive into what it means.

1. Free is not free

With countless services offering “free” email accounts, it’s easy to assume that we can communicate without any cost. But companies that offer free email typically rely on advertising revenue, which means they collect vast amounts of data about our habits, interests, and communications. They use this information to tailor advertising, and that’s how they make money.

(more…)

Continue Reading →