Cloud Hosting

Artificial intelligence feeds on data: both personal and non-personal. It is no coincidence, therefore, that the European Commissions Proposal for a Regulation laying down harmonized rules on Artificial Intelligence, published on April 21, 2021 (the Proposal), has several points of contact with the GDPR.

The GDPRs use as a model for the proposal is visible in numerous aspects:

Furthermore, the proposal sets out an obligation (sanctionable by the highest penalty) to use high-quality datasets to train and instruct artificial intelligence systems. To be considered a high-quality dataset, the personal data included therein must be processed in accordance with the GDPR.

The compliance verification immediately brings to mind the impact assessment pursuant to Article 35 of the GDPR. The obligation to report serious incidents or malfunctions recalls the obligation to notify data breaches. The need for human involvement, supervision and control, and requirement to be able to explain the functioning of the artificial intelligence system have already been imposed (although only for automated processing from which consequences may arise for data subjects) by Article 22 of the GDPR.

These obligations of security assessment, security by design, and ethics by design, will mean that those involved will be held to ever-increasing levels of accountability and will require ever-stronger forms of collaboration. This is a fundamental goal of both the proposal and the GDPR. Proceeding from the assumption that technology is not good or bad in itself, but depends on how people use it, this collaborative model can and should characterize the evolution of regulation in the technological (and strategic) sphere, up to the point of being applied by legal systems that, at least in some respects, may seem incompatible.

and more

Artificial intelligence not only crosses over into data protection law, but also extends to other areas of law, such as intellectual property, competition, consumer protection, and insurance, to name but a few.

In fact, there are no boundaries for artificial intelligence when it comes to law. Just as, taking a closer look, there should be no talk of artificial intelligence law. Due to its intrinsic ability to replace man, artificial intelligence is, by its very nature, transversal, and therefore it touches on all rights. In fact, it goes even further, because it requires breaking down even the very boundaries of law to create a bridge with technology.

The proposal sets out transparency obligations (applicable also to low-risk artificial intelligence systems), in an attempt to find the right compromise between the need for artificial intelligence to be explainable and intelligible to non-professional (and often sceptical) users, and the difficulty even for the developers of intelligent systems themselves of fully understanding and explaining how artificial intelligence actually works.

Breaking down boundaries?

The proposal has started to break down legal boundaries: one can only hope that it will also succeed in (helping to) fostering greater collaboration among nations.

Thanks to the Commissions initiative, the European Union is now leading the race to adopt legislation dedicated to artificial intelligence. However as intended by the Commission it cannot limit itself to leading. It must engage other nations in a collaborative dialogue, so that the regulations, which they ultimately (inevitably and necessarily) adopt are coherent, and benefit all economic operators.

Read more:
Stretching the boundaries through artificial intelligence: the European proposal for a dedicated regulation. The protection of personal data. -...