Regulating AI; A work in progress...

The European Commission was the first to address AI-related challenges and present a complete and concrete plan for the future, in its proposal for a draft Artificial Intelligence Regulation (the “EU AI Regulation”), published on April 21, 2021 (read here). The EU AI Regulation provides a detailed regulation, having as a main objective to govern the use of high-risk artificial intelligence systems and, at the same time, ensure that the safety and fundamental rights of EU citizens are protected in the AI era.

In Recital 5 it is provided that--
”A Union legal framework laying down harmonised rules on artificial intelligence is therefore needed to foster the development, use and uptake of artificial intelligence in the internal market that at the same time meets a high level of protection of public interests, such as health and safety and the protection of fundamental rights, as recognised and protected by Union law. To achieve that objective, rules regulating the placing on the market and putting into service of certain AI systems should be laid down, thus ensuring the smooth functioning of the internal market and allowing those systems to benefit from the principle of free movement of goods and services.”
On the 22nd of September 2021, the UK government published the National AI Strategy (UK AI) (read here). This is a policy document, providing for the future positioning of UK in an AI-dominated world. As stated in the Strategy:

”With this in mind, the UK has an opportunity over the next ten years to position itself as the best place to live and work with AI; with clear rules, applied ethical principles and a pro-innovation regulatory environment. With the right ingredients in place, we will be both a genuine innovation powerhouse and the most supportive business environment in the world, where we cooperate on using AI for good, advocate for international standards that reflect our values, and defend against the malign use of AI.”

While most of the Strategy text is concerned with the policy measures to achieve this 10-year goal, by means of investment, and to ensure AI for different sectors and regions, the final ten pages of the Strategy, ”Governing AI effectively”, have legal implications of interest.

These two documents are different in nature.The EU AI Regulation is above all a legislative act, while the UK National Strategy is a policy document, and thus differences between their respective approach and drafting are only natural. Still, it is of interest, to see how they adress key issues in the AI debate.

Let us consider several salient points. First is the definition of the term AI. In this respect, the text of the EU AI Regulation is more helpful. Article 3 provides:

”Artificial intelligence system’ (AI system) means software that is developed with one or more of the techniques and approaches listed in Annex I and can, for a given set of human-defined objectives, generate outputs such as content, predictions, recommendations, or decisions influencing the environments they interact with;”

In turn, Annex I clarifies what these techniques are, namely:

“Machine learning approaches, including supervised, unsupervised and reinforcement learning, using a wide variety of methods including deep learning;

(a) Logic- and knowledge-based approaches, including knowledge representation, inductive (logic) programming, knowledge bases, inference and deductive engines, (symbolic) reasoning and expert systems;

(b) Statistical approaches, Bayesian estimation, search and optimization methods.”

The UK definition is much more general in its formulation, providing that AI constitutes—

“Machines that perform tasks normally requiring human intelligence, especially when the machines learn from data how to do those tasks.”
The difference in the level of accuracy and detail between the definitions is self-explanatory. The UK AI strategy is a policy document and as such, it does not need to be as specific. The EU AI Regulation, on the other hand, needs to be concrete as to the subject-matter that is to be regulated.

Second, the EU AI Regulation includes, in several of its provisions, references to data protection and the European Data Protection Supervisor. Although GDPR is technology neutral and thus not the principal subject-matter of the regulation, high-risk AI systems are subject to stringent regulation. Taking into consideration that AI may be classified as high-risk on the basis of its privacy implications (such as for instance exploiting vulnerabilities of a specific group of individuals), it is obvious that privacy concerns are of major importance for the content of the regulation.

Consistent with its broad definition of AI, UK AI strategy touches upon the subject of data protection in general terms. It merely refers to the DCMS ”Data: a new direct consultation” and how this may influence the future regulation of AI.

Third, the issue of liability is not adressed with particularlity in either the UK AI strategy or in the EU AI Regulation. At the most, the EU AI Regulation makes short references with regards to high-risk AI.


AI is without a doubt a technological revolution. It has the potential brings clear and considerable effects to the legal system, but regulating it is, and will be, a challenge. As such, AI regulation will likely be a matter of a gradual, step-by -step approach.

Against that background, these two documents, the EU AI Regulation and the UK AI, merely constitute the first step in the regulation of AI. Still, developments have aleady taken place and some steps are already in the pipeline. Thus, the UK government is expected to publish a White Paper in early 2022 with further more detailed proposalsas to the regulation of AI. At the same time, on Friday 29th October - the UK announced the launch of a new consultation specifically on how the copyright and patent systems should deal with AI (IPKat post on the consultation here). Submit your views before 7th January 2022For its part, the EU AI Regulation is now under the EU legislative process, which is expected to be finalized in less than a year.

The race between AI applications are appropriate legal regulation is underway with the former in the lead. Will its legal regulation catch up?

Regulating AI; A work in progress... Regulating AI; A work in progress... Reviewed by Frantzeska Papadopoulou on Monday, November 01, 2021 Rating: 5

No comments:

All comments must be moderated by a member of the IPKat team before they appear on the blog. Comments will not be allowed if the contravene the IPKat policy that readers' comments should not be obscene or defamatory; they should not consist of ad hominem attacks on members of the blog team or other comment-posters and they should make a constructive contribution to the discussion of the post on which they purport to comment.

It is also the IPKat policy that comments should not be made completely anonymously, and users should use a consistent name or pseudonym (which should not itself be defamatory or obscene, or that of another real person), either in the "identity" field, or at the beginning of the comment. Current practice is to, however, allow a limited number of comments that contravene this policy, provided that the comment has a high degree of relevance and the comment chain does not become too difficult to follow.

Learn more here:

Powered by Blogger.