Following the publication of the draft legislation on AI, many stakeholders have welcomed the proposal while remaining critical on several key issues.
The European Commission (EC) unveiled its long awaited legislation proposal on artificial intelligence (AI) a month ago, on 21 April 2021 (see SwissCore article). Since then, stakeholders have been analysing every point of the document, trying to understand how it may affect them or their sector. The complex proposal has made some eyebrows rise, and many have come forward with questions and concerns on this new piece of legislation, which is deemed too limiting by some and not restrictive enough by others.
Before drafting the proposal, the EC had mandated a high-level expert group on AI to provide technical recommendations on the topic. The expert group, which included members from academia, civil society and industry, provided several deliverables on ethics guidelines as well as policy and investment recommendations. Overall, the legislation proposal reflects the views and advice of this expert group. Former members have expressed their satisfaction with the draft proposal, especially with the risk-based approach followed by the text.
At first glance, members of the European Parliament (EP) have not come to the same conclusion as the high-level expert group. Even if most MEPs do embrace the risk-based approach of the proposal and the special measures proposed for SMEs and start-ups, several of them have voiced concerns on a lack of actual prohibition for facial recognition AI systems and imprecise definitions. Indeed, even if real-time remote biometric identification is technically prohibited by the text, German MEP Svenja Hahn, member of the AIDA Committee, believes that the exceptions to the prohibition are so broad that there is no real ban. She expressed her concerns in a conference from the Center for Data Innovation. The European Data Protection Supervisor (EDPS) shares this point of view, and wishes for a full ban of facial recognition technologies. Additionally, the text prohibits ‘AI systems that may cause harm to people by manipulating their behaviour, opinions or decisions’. However, Dragoş Tudorache, Romanian MEP and chair of the AIDA Committee stated that the application of this definition to concrete situations appears tricky. For example, it is unclear if social media would fall under this category or not. In the most recent public hearing of the AIDA Committee, MEPs also agreed that the text does not provide sufficient protection to workers who may be subjected to AI systems in their recruitment process or daily monitoring. Tudorache thus expects that discussions on these issues will remain prevalent during Parliament’s future debates.
The risk-based approach of the EC legislation proposal also appears to satisfy most industry representatives, who have generally welcomed it. However, there seem to be concerns on the actual feasibility of certain requirements from the proposal. Cornelia Kutterer, Senior Director of European Government Affairs at Microsoft explained in the same conference from the Center for Data Innovation that from the industry perspective, the requirements are written in a very static manner. It is also unclear whether all requirements can be complied with at the same time. For some applications, trade-offs between requirements may be necessary, for example between accuracy and fairness for bank loan recommendation systems. Kutterer also regretted a lack of clarity and examples, and insisted that policy makers should profit from the experience of industry to integrate these points into the proposal. In a conference from the Centre for European Policy Studies, Francesca Rossi, AI Ethics Global Leader at IBM and former member of the high-level expert group doubted the feasibility of some requirements on transparency and high-quality datasets. She also feared that the fact that the EC can amend the list of high-risk AI systems through delegated acts may generate uncertainty. Amendments will remain a point of concern for the future as the EC counts on these delegated acts to be able to adapt to technological developments and has assured that no retroactive application of amendments will occur. Representatives from industry associations for smaller companies welcomed the special measures dedicated to their members planned by the EC as well as the sandboxing schemes. Still, further support to SMEs would be appreciated, given the difficulties they experienced with the implementation of the General Data Protection Regulation (GDPR). Both MEPs and industry representatives agree that the regulation should not prevent smaller companies from taking on innovation projects and hope to improve the text in this sense.
Starting at the beginning of July, the Slovenian Presidency of the Council of the European Union, will put the AI dossier at the top of its priority list, hoping to reach an agreement on the legislation proposal between EU Member States at the Council level by the end of the year. In parallel, the EP will start discussing the text, with the internal market committee (IMCO) in charge of the file. The appointment of the IMCO Committee marks the starting point for amendments to the EC proposal, which will shape the future first regulation on Artificial Intelligence.