Skip to main content

The EU AI Act has finally been Passed; Towards a legislative framework for AI.

 


Towards a legislative framework for AI.

The EU have finally passed the EU AI Act. The following represent most complete attempts at a legislative approach to AI regulation I've so far come across.

The EU AI Act will probably have the greatest impact, for now. But for today I want to concentrate upon the UNESCO Ethics against the provisions set out in the EU AI Act.

Both the UNESCO Recommendation on the Ethics of Artificial Intelligence and the EU AI Act aim to guide the development of ethical AI. The UNESCO recommendation outlines 10 principles,
  • Proportionality and Do No Harm
  • Safety and security
  • Fairness and non-discrimination
  • Sustainability
  • Right to Privacy, and Data Protection
  • Human oversight and determination 
  • Transparency and explainability
  • Responsibility and accountability
  • Awareness and literacy 
  • Multi-stakeholder and adaptive governance and collaboration
It also suggests concrete policy actions on these principles. 

The EU AI Act, on the other hand, is a binding regulation that sets out rules for the development and use of AI in the EU. It includes requirements for high-risk AI systems, such as transparency, human oversight, and data protection. It's concentration on risk management strongly suggests that it is more concerned with risk management and implementation of AI, than it is about ethical considerations. This is a  significant weakness, as far as I can tell.

The Act defines risk by classifying AI systems into different categories based on their potential risk level. The Act proposes three categories of AI systems: (1) unacceptable risk, (2) high risk, and (3) limited risk. High-risk AI systems are those that pose significant risks to health, safety, or fundamental rights, such as biometric identification, critical infrastructure, and educational admissions. The Act mandates various development and use requirements for high-risk AI systems, such as transparency, human oversight, and data protection. The Act also requires that high-risk AI systems undergo a conformity assessment before they can be placed on the market or put into service. The conformity assessment must be carried out by a notified body, and it must verify that the AI system complies with the requirements of the Act.

The high risk systems will likely have the greatest ramifications: the act Act requires providers of high-risk AI systems to implement a risk management system. The risk management system should be designed to reduce individual, collective, and societal risks, not just risks to the provider of high-risk AI systems. The Act mandates that the risk management system should be implemented within 24 months after the AI Act enters into force, although the Council has proposed to extend this period to 36 months. The risk management process in the AI Act seems to be inspired by ISO/IEC Guide 51. The Act does not define most terms, but it provides building blocks for high-risk AI systems. The Act also requires that high-risk AI systems undergo a conformity assessment before they can be placed on the market or put into service. The conformity assessment must be carried out by a notified body, and it must verify that the AI system complies with the requirements of the Act.

The artificial intelligence act eu, under a section of 'how can it be improved?' notably point out:

'There are several loopholes and exceptions in the proposed law. These shortcomings limit the Act’s ability to ensure that AI remains a force for good in your life. Currently, for example, facial recognition by the police is banned unless the images are captured with a delay or the technology is being used to find missing children.

In addition, the law is inflexible. If in two years’ time a dangerous AI application is used in an unforeseen sector, the law provides no mechanism to label it as “high-risk”.'

Legislation, without an initially adopted ethical framework in place and operating, seems destined to keep the courts busy, some lawyers well enumerated and the problems in place for years, whilst the justice procedures drag on. 

The question for me, and perhaps you, is, do we have those years, are they affordable in terms of the harms that may accrue?

Comments

Popular posts from this blog

The Whispers in the Machine: Why Prompt Injection Remains a Persistent Threat to LLMs

 Large Language Models (LLMs) are rapidly transforming how we interact with technology, offering incredible potential for tasks ranging from content creation to complex analysis. However, as these powerful tools become more integrated into our lives, so too do the novel security challenges they present. Among these, prompt injection attacks stand out as a particularly persistent and evolving threat. These attacks, as one recent paper (Safety at Scale: A Comprehensive Survey of Large Model Safety https://arxiv.org/abs/2502.05206) highlights, involve subtly manipulating LLMs to deviate from their intended purpose, and the methods are becoming increasingly sophisticated. At its core, a prompt injection attack involves embedding a malicious instruction within an otherwise normal request, tricking the LLM into producing unintended – and potentially harmful – outputs. Think of it as slipping a secret, contradictory instruction into a seemingly harmless conversation. What makes prompt inj...

Can We Build a Safe Superintelligence? Safe Superintelligence Inc. Raises Intriguing Questions

  Safe Superintelligence Inc . (SSI) has burst onto the scene with a bold mission: to create the world's first safe superintelligence (SSI). Their (Ilya Sutskever, Daniel Gross, Daniel Levy) ambition is undeniable, but before we all sign up to join their "cracked team," let's delve deeper into the potential issues with their approach. One of the most critical questions is defining "safe" superintelligence. What values would guide this powerful AI? How can we ensure it aligns with the complex and often contradictory desires of humanity?  After all, "safe" for one person might mean environmental protection, while another might prioritise economic growth, even if it harms the environment.  Finding universal values that a superintelligence could adhere to is a significant hurdle that SSI hasn't fully addressed. Another potential pitfall lies in SSI's desire to rapidly advance capabilities while prioritising safety.  Imagine a Formula One car wi...

The Hidden Environmental Cost of AI: Data Centres' Surging Energy and Water Consumption

 In recent years, artificial intelligence (AI) has become an integral part of our daily lives, powering everything from smart assistants to complex data analysis. However, as AI technologies continue to advance and proliferate, a concerning trend has emerged: the rapidly increasing energy and water consumption of data centres that support these systems. The Power Hunger of AI According to the International Energy Agency (IEA), global data centre electricity demand is projected to more than double between 2022 and 2026, largely due to the growth of AI. In 2022, data centres consumed approximately 460 terawatt-hours (TWh) globally, and this figure is expected to exceed 1,000 TWh by 2026. To put this into perspective, that's equivalent to the entire electricity consumption of Japan. The energy intensity of AI-related queries is particularly striking. While a typical Google search uses about 0.3 watt-hours (Wh), a query using ChatGPT requires around 2.9 Wh - nearly ten times more en...