The European Union (EU) has emerged as a frontrunner in the race to regulate artificial intelligence (AI) by reaching a provisional agreement on the world’s first comprehensive regulation of AI. The agreement, hailed as a “historical achievement” by Carme Artigas, the Spanish Secretary of State for digitalization and AI, strikes a delicate balance between encouraging safe and trustworthy AI innovation and protecting the fundamental rights of citizens. The draft legislation, known as the Artificial Intelligence Act, was proposed by the European Commission earlier this year and is set to be voted on by the European Parliament and EU member states next year, with implementation scheduled for 2025.
The AI Act adopts a risk-based approach, wherein the level of regulation varies based on the level of risk posed by an AI system. To achieve this, the regulation will classify AIs into high-risk and low-risk categories. Low-risk AI systems will be subject to minimal transparency obligations, such as disclosing their AI-generated content to users. On the other hand, high-risk AI systems will be subject to a range of obligations and requirements.
One of the key mandates of the AI Act is to ensure clear and effective human oversight of high-risk AI systems. This human-centered approach entails having humans actively monitor and oversee the operation of AI systems, taking responsibility for their decisions and actions, and addressing potential harms or unintended consequences. The Act also emphasizes the importance of transparency and explainability, requiring developers to provide accessible information about how their systems make decisions, including details on algorithms, training data, and potential biases.
Responsible data practices form a vital aspect of the AI Act, aiming to prevent discrimination, bias, and privacy violations. Developers are required to ensure that the data used to train and operate high-risk AI systems is accurate, complete, and representative. Emphasizing data minimization principles, the Act encourages the collection of only necessary information while minimizing the risk of misuse or breaches. Individuals are granted clear rights to access, rectify, and erase their data used in AI systems, enabling them to retain control over their information and ensure ethical use.
The AI Act places significant importance on proactive risk management for high-risk AI systems. Developers must implement robust risk management frameworks that systematically assess potential harms, vulnerabilities, and unintended consequences. In particular, the Act explicitly bans certain AI systems deemed to pose unacceptable risks. For example, the use of facial recognition AI in public areas will be prohibited, with limited exceptions for law enforcement. The Act also forbids AIs that manipulate human behavior, employ social scoring systems, or exploit vulnerable groups. Emotional recognition systems in schools and offices, as well as the scraping of images from surveillance footage and the internet, are also banned.
To maintain accountability, the AI Act imposes penalties on companies that violate its provisions. Violating the laws regarding banned AI applications will result in a penalty of 7% of the company’s global revenue, while failing to meet obligations and requirements will incur fines of 3% of global revenue. However, the Act also promotes innovation by allowing the testing of innovative AI systems under real-world conditions, albeit with appropriate safeguards.
While the EU has taken the lead in regulating AI, other countries such as the United States, the United Kingdom, and Japan are also working on their own AI legislation. The comprehensiveness and rigor of the EU’s AI Act could potentially set a global standard for countries seeking to regulate AI.
The European Union’s landmark regulation of artificial intelligence through the AI Act is an important milestone in shaping the responsible and ethical development and deployment of AI. By focusing on risk-based approaches, human oversight, transparency, responsible data governance, proactive risk management, and penalties for violations, the EU is setting a precedence for the rest of the world in ensuring the safe and trustworthy use of AI technology.