EU and AI

EU and AI

The European Parliament has approved (13.03.2024) the new AI Act. This is the first legislation of its kind in the world aiming to regulate the development, operation, and use of artificial intelligence systems within the European Union. This is in light of the dramatic development of artificial intelligence and the understanding that it may adversely affect human rights.

The legislation, which attempts to strike a balance between innovation and protection of the individual, was approved by the European Parliament and imposes a series of obligations (such as transparency, documentation, reliability and accuracy of data, data security, etc.) on companies that develop, distribute and use such systems according to the level of risk deriving from that system, for example in the field of medicine. The new AI Act also completely prohibits the use of a broad range of artificial intelligence systems considering their potential danger to human rights.

The Act will affect the continued development of the field and it sets substantial financial sanctions for companies violating regulations. The AI Act, which must go through two additional formal stages, and then come into effect gradually, may also affect Israeli companies developing and distributing AI systems in Europe, because, like GDPR (European Data Protection Regulations), this Act also has extraterritorial application to companies outside the EU

Background

Artificial intelligence technology gained momentum during the COVID-19 pandemic and has become more significant in our lives, with its latest peak being associated with Chat GPT, developed by Open AI, Inc. The growing presence of artificial intelligence technology raises the question of its legal status, especially in the context of intellectual property rights and obligations, and patent law, as well as the many risks stemming from the development of artificial intelligence systems regarding the right to privacy. Against this background, it is of great importance to develop regulatory directives regarding artificial intelligence technologies, both in domestic law and in international law, and regarding European law in particular, as it is the leading law system in the world when it comes to protecting personal information.

Applicability

The new AI Act will apply to all companies engaged in artificial intelligence technology products intended for use in the European Union, similar to the GDPR (European Data Protection Regulations) applicability. Thus, the Artificial Intelligence act may become a binding standard on the international level regarding regulatory rules in the field of artificial intelligence technology, if and when countries outside of Europe follow the same path.

Structure of the proposal

The field of artificial intelligence is divided in the proposed act into four groups, according to the level of risk relevant to each group as well as the security level requirements resulting from that level of risk. For example, the new AI Act stipulates that artificial intelligence systems used for credit rating systems will be in the high-risk category, and that systems such as China’s citizen rating system will be included in the unacceptable risk category and be completely prohibited under the AI act.

Completion of the legislation

The new AI Act was approved by the parliament in March 2024, and now they are waiting for the approval of the European Commission. The law is set to come into effect this coming May.

Objectives of the AI Act

The AI Act would serve the following purposes:

  • Ensure that AI systems designed for use within the EU comply with the provisions of the new AI Act and thereby respect fundamental rights more broadly.
  • Ensure legal certainty regarding AI technology to facilitate investment and innovation in the development of those systems.
  • To improve and streamline existing law regarding basic rights and safety requirements that apply to artificial intelligence systems.
  • Facilitate the development of AI products in specific, legal, safe, and reliable markets, thus preventing market fragmentation.

The main determinations of the AI Act

  • Prohibited uses: Prohibited uses that are considered unacceptable risks to health, safety or fundamental rights will be prohibited.
  • Risk-based approach: A risk-based approach to regulating AI systems will be proposed, so that high-risk uses will be subject to stringent requirements such as transparency, documentation, human oversight, and reporting.
  • Transparency and accountability: It will be necessary to act transparently, so that it is mandatory to provide explanations regarding how the system operates, the data used, and the factors that influenced the decisions made by the system.
  • Data and privacy: AI-based systems must respect people’s privacy, with system design and development carried out with data protection in mind.
  • Enforcement: High-risk AI systems will be required to be registered in an EU database, which is managed by the European Commission, to ensure transparency and oversight.
  • Sanctions: For failure to comply with the provisions of the new law, fines will be imposed that may reach up to 6% of the global annual turnover of the violating company in the previous year.

Summary

We have reviewed the AI Act very briefly above, regarding the regulatory innovation in the development of systems based on artificial intelligence technology. The EU policy approach, as can be seen in the AI Act, is that a distinction must be made between the legal obligations that will be imposed on artificial intelligence systems, which will be in accordance with the level of risk defined for each system. There is no doubt that companies with ties to EU countries should brainstorm where AI meets it, what the challenges are, and what are the possibilities in the field.

As a leading company in the scope of data protection, privacy, and cyber security, we will happily be at your disposal for any question or clarification needed regarding this, or any other matter.

Share the Post:

Related Posts