News

EU proposal of the AI regulation adopted

Late into the night on Friday, December 8, the lengthy negotiations on the final version of the EU artificial intelligence regulation (AI Act) were concluded, with the first of a dozen technical meetings expected this week to specify the details of the law’s implementation.

According to initial reactions, the adopted solutions did not fully meet the expectations of human rights organizations and activists, nor did they satisfy industry lobbyists and security-focused politicians.

Among other things, it is mentioned that “predictive” systems will only be partially prohibited, meaning that not all applications of artificial intelligence systems in policing and “crime prediction” are classified as unacceptable risks – a significantly weaker protection than what members of the European Parliament voted for this summer. The final ban includes some predictive systems based on “personal traits and characteristics”, but not geographic crime prediction systems already used by police forces across Europe. Critics note that such a partial ban allows for the creation of additional exemptions in the future.

Of particular concern is the possibility that any application of artificial intelligence systems in the context of “national security” would be entirely exempt from the regulation’s scope, including bans on unacceptable risks and transparency requirements.

The most challenging part of the negotiations concerned the bans, that is the classification of AI systems as posing unacceptable risk. The adopted proposal, as reported by those with insight, bans real-time remote biometric identification (RBI) in publicly accessible places—except when used to search for specific suspects or victims of certain crimes, to prevent “specific, substantial, and imminent threats to the life or physical safety of natural persons or a specific, present threat of a terrorist attack,” as well as for the “targeted search for specific victims of abduction, trafficking in human beings and sexual exploitation of human beings as well as search for missing children.”

The use of RBI needs to be approved by a judicial or otherwise independent authority and is limited in time and space, and it cannot include constant comparisons of all people in the public spaces with full police or other databases. In urgent situations, the judicial authorisation has to be done ex-post within 24 hours.

Post-Remote Biometric Identification (not in real-time, but on video footage) is not banned, but now a high-risk category and only possible if there is a prior judicial authorisation, or if it is strictly necessary in an investigation for the targeted search of a person convicted or suspected of having committed a serious criminal offence that already took place. Member States may introduce more restrictive laws on the use of Post-RBI systems.

Biometric categorisation is banned “that categorise natural persons based on their biometric data to deduce their political opinions, trade union membership, religious or philosophical beliefs, sex or sexual orientation from this biometric data.”

Restrictions have been introduced regarding emotion recognition, some applications of high-risk AI systems in the private sector, while criteria for risk classification have been expanded. The publication of the adopted version of the regulation is expected in the coming months.

Related content

Huawei knows everything about cameras in Belgrade – and they are glad to share!

EDIT (30th March, 2019, 9:29h): Not long after this text had been published, case study about cameras for video surveillance in Belgrade was removed from the official website of Huawei. You can read the archived version of the case study at the following link: https://archive.li/pZ9HO. New generation surveillance cameras have already been installed in Belgrade, as stated […]

Digital ecosystem of the Western Balkans: from regulatory gap to systemic approach

Alongside the innovations, technological breakthroughs and shifts in the digital industry, the third decade of the 21st century also marks a kind of institutional milestone primarily recognized through the establishment of the European Union’s Digital Single Market, accompanied by a set of rules aimed at ensuring that all rights and freedoms guaranteed to citizens by […]

Nearly 100 public interest organisations urge the council of Europe to ensure high transparency standards for cybercrime negotiations

Today, 3 April 2018, SHARE Foundation, along with 93 civil society organisations from across the globe, sent a letter to the Secretary General of the Council of Europe, Thorbjørn Jagland. The letter requests transparency and meaningful civil society participation in the Council of Europe’s negotiations of the draft Second Additional Protocol to the Convention on Cybercrime (also known as the “Budapest Convention”) —a new […]