As governments around the world ponder how AI can be regulated, the European Union is the first to plan laws that put strict limits on the technology. On Wednesday, the European Commission, the executive branch of the board, presented a regulatory approach that envisages a four-tier system that divides AI software into separate risk categories, with an appropriate level of regulation being determined for each category.
At the top are systems that pose an “unacceptable” risk to human rights and security. The EU would completely ban this type of algorithm under the legislation proposed by the Commission. An example of software falling under this category is any AI that governments and corporations can use to apply social rating systems.
Below that there is a category for so-called high-risk AIs. This is the broadest category, both in terms of the types of software it covers and the limitations it proposes. The Commission says these systems will be strictly regulated, including the dataset used for their training, what is an appropriate level of human oversight and how they convey information to the end-user. This category also includes AIs related to Law enforcement and all forms of remote biometric identification. The police are not allowed to use the latter in public spaces, although the EU would make some exceptions for reasons of national security and the like.
Then there is a category for low risk AIs such as B. Chatbots. Legislation dictates that these programs must state that you are speaking to an AI so that you can make an informed decision about whether or not to continue using them. Finally, there is a section for programs that pose minimal human risk. It is said that the “vast” majority of AI systems will fall under this category. Programs that fall under this category are, for example, spam filters. The agency is not planning any regulation here.
“AI is a means, not an end,” said Internal Market Commissioner Thierry Breton in a statement. “Today’s proposals aim to strengthen Europe’s position as a global center of excellence for AI from the laboratory to the market, to ensure that AI in Europe respects our values and rules and uses the potential of AI for industrial use.”
It will likely take the EU years to discuss and implement the legislation. Companies that break the rules could face fines of up to six percent of their global sales. With the GDPR, the EU already has one of the world’s strictest data protection directives and is considering similar measures with regard to content moderation and antitrust law.