EU draft legislation on artificial intelligence requires awareness

Huge responsibility

AI is already much bigger than most people can imagine, and we are only at the beginning. Owen: “Do you know what information is used about who you are, what you’re doing and what you’re looking for? And which information will be used in the future?” Companies and governments that are making and using those intelligent machines or systems have a huge responsibility as it comes to the data they use. “How can you apply AI for your own interest and prevent conflicts with the interests of individuals at the same time?” “If AI applications affect our fundamental rights like personal freedom, privacy and health or the functioning of democracy, you enter a sensitive area,” explains Tjakko. “The biggest danger is that both people with good and bad intentions can use AI.” Deepfakes (images, sounds and texts created by artificially intelligent software) for instance, are already a serious problem.

Worldwide standard

This is exactly why Brussels thinks it’s about time to limit the dangers of AI and protect European citizens with legislation. Goal is to make AI in all industries legally, ethically and technically robust by using a so-called pyramid of criticality. The higher the risk of misuse, the more requirements apply to AI systems. The law is expected to come into effect in about two or three years. “Like with the GDPR, it wouldn’t surprise us if the EU regulation on Artificial Intelligence becomes a de facto worldwide standard.” Tjakko and Owen are convinced this is a positive development. “A legal framework like this, stimulates the use of (more) AI applications, and increases confidence and benefits.” With the new EU legislation in mind, Protiviti wants to alert directors and board members to be properly prepared. Although the law is still a draft proposal, the core of it will not change. “It’s already pretty clear what the requirements will be. Every AI system you develop today, must comply with this law in three years. And it’s very hard and expensive, if not impossible, to correct these complex systems afterwards,” explains Owen.

Be prepared

Therefore it’s important to know where AI is being developed and governed within your organisation.” Either way you need to build-in checks and balances to make sure new and existing AI systems comply continuously with the law, and that you are able to prove it,” says Tjakko. “More so than with the introduction of the GDPR, you’d better prepare for the new regulation immediately, because tomorrow’s systems are being developed today. So, be sure to put this high on the company’s agenda, and identify your current and desired governance and risk management.” Owen and Tjakko think this new EU regulation requires broad awareness in companies that work with AI. “Search within your organisation for applications making use of such models that are already there, but also for new possibilities. Companies who are in control with a solid governance and risk structure, will be more confident in reaping the benefits of AI while preventing any nasty surprises.”

Want to know more or need advice in how to create a safe AI environment and how to face the upcoming EU regulation with confidence? Please contact us for more information.