By: Jedidiah Bracy (iapp)
Nearly five years after the implementation of the EU General Data Protection Regulation, Europe is immersed in a digital market strategy that is giving rise to a host of new, interconnected regulation. Among this complexity resides the proposed Artificial Intelligence Act. Originally presented by the European Commission April 21, the AI Act is now in the hands of the Council of the European Union and European Parliament.
The AI Act would be the first horizontal regulation of AI in the world. The proposal uses a risk-based approach across industry, both public and private, whereby only high-risk systems would be regulated.
For Dragoș Tudorache, MEP and co-rapporteur for the AI Act, that means 80-90% of AI activities would not be regulated by the act. “To be honest,” Tudorache explained in an extensive interview in his office at the European Parliament, “that’s the only reasonable entry point by which to regulate AI. We see AI to be the driver of the new industrial revolution, so it makes sense that we only regulate the use of technology that brings about high risks.”
Topping the high-risk tier includes systems that affect employment, credit and health care, among others. If an AI application is deemed high risk, organizations would then be obligated to conduct specific operations, including an impact assessment, as well as record-keeping requirements and transparency obligations. A list of banned uses — that of biometric surveillance and predictive policing — is also on the table. More details on the substance of the proposed AI Act can be found in an analysis from the IAPP’s Jetty Tielemans.
AI Act state-of-play
The current state of the proposed AI Act is a bit of a moving target at the moment, but the Council of the European Union, under the current Czech presidency, released its “draft general approach” to the AI Act Nov. 11, and plans to present it to the Telecommunications Council Dec. 6…