Artificial intelligence (AI) is rapidly advancing and becoming a major part of our everyday lives. From its use in healthcare, finance, and industry, to its use in social media, AI is becoming an increasingly important technology. As AI becomes more prevalent, the need to ensure compliance with data protection laws is essential. In this article, we will discuss the current legal landscape surrounding data protection and AI, and how companies can ensure compliance. The legal landscape surrounding data protection and AI is complex and constantly evolving. In the European Union, the General Data Protection Regulation (GDPR) and the ePrivacy Directive are the two key pieces of legislation governing data protection and AI. The GDPR applies to all companies collecting and processing personal data in the EU, while the ePrivacy Directive applies to electronic communications services. In the US, the primary law governing data protection and AI is the California Consumer Privacy Act (CCPA). This law applies to companies that collect personal information of California residents, providing them with the right to know what data is collected and how it is used.