Towards a legislative framework for AI.
The EU have finally passed the EU AI Act. The following represent most complete attempts at a legislative approach to AI regulation I've so far come across.
- OECD Artificial Intelligence Principles
- UNESCO Ethics of Artificial Intelligence
- EU AI Act
- OSTP Blueprint for an AI Bill of Rights
The EU AI Act will probably have the greatest impact, for now. But for today I want to concentrate upon the UNESCO Ethics against the provisions set out in the EU AI Act.
Both the UNESCO Recommendation on the Ethics of Artificial Intelligence and the EU AI Act aim to guide the development of ethical AI. The UNESCO recommendation outlines 10 principles,
- Proportionality and Do No Harm
- Safety and security
- Fairness and non-discrimination
- Sustainability
- Right to Privacy, and Data Protection
- Human oversight and determination
- Transparency and explainability
- Responsibility and accountability
- Awareness and literacy
- Multi-stakeholder and adaptive governance and collaboration
It also suggests concrete policy actions on these principles.
The EU AI Act, on the other hand, is a binding regulation that sets out rules for the development and use of AI in the EU. It includes requirements for high-risk AI systems, such as transparency, human oversight, and data protection. It's concentration on risk management strongly suggests that it is more concerned with risk management and implementation of AI, than it is about ethical considerations. This is a significant weakness, as far as I can tell.
The Act defines risk by classifying AI systems into different categories based on their potential risk level. The Act proposes three categories of AI systems: (1) unacceptable risk, (2) high risk, and (3) limited risk. High-risk AI systems are those that pose significant risks to health, safety, or fundamental rights, such as biometric identification, critical infrastructure, and educational admissions. The Act mandates various development and use requirements for high-risk AI systems, such as transparency, human oversight, and data protection. The Act also requires that high-risk AI systems undergo a conformity assessment before they can be placed on the market or put into service. The conformity assessment must be carried out by a notified body, and it must verify that the AI system complies with the requirements of the Act.
The high risk systems will likely have the greatest ramifications: the act Act requires providers of high-risk AI systems to implement a risk management system. The risk management system should be designed to reduce individual, collective, and societal risks, not just risks to the provider of high-risk AI systems. The Act mandates that the risk management system should be implemented within 24 months after the AI Act enters into force, although the Council has proposed to extend this period to 36 months. The risk management process in the AI Act seems to be inspired by ISO/IEC Guide 51. The Act does not define most terms, but it provides building blocks for high-risk AI systems. The Act also requires that high-risk AI systems undergo a conformity assessment before they can be placed on the market or put into service. The conformity assessment must be carried out by a notified body, and it must verify that the AI system complies with the requirements of the Act.
The artificial intelligence act eu, under a section of 'how can it be improved?' notably point out:
'There are several loopholes and exceptions in the proposed law. These shortcomings limit the Act’s ability to ensure that AI remains a force for good in your life. Currently, for example, facial recognition by the police is banned unless the images are captured with a delay or the technology is being used to find missing children.
In addition, the law is inflexible. If in two years’ time a dangerous AI application is used in an unforeseen sector, the law provides no mechanism to label it as “high-risk”.'
Legislation, without an initially adopted ethical framework in place and operating, seems destined to keep the courts busy, some lawyers well enumerated and the problems in place for years, whilst the justice procedures drag on.
The question for me, and perhaps you, is, do we have those years, are they affordable in terms of the harms that may accrue?
Comments
Post a Comment