The ICO has just published new guidance on Artificial Intelligence (AI). I wrote a detailed blog piece on the consultation version so I will not write about it generally now. However, some important new information is that the ICO has acknowledged  that AI systems involve a number of organisations and so working out who is a Controller or Processor for the purposes of data protection law can become complex. The ICO plans to address these issues in more detail when it revises its Cloud Computing Guidance in 2021. It will consult with stakeholders because of the questions of policy raised. Most helpfully, the new guidance will include example scenarios covering when an organisation is a Controller or Processor in the context of AI services.