The European Union has taken a step closer to ‘harmonised rules’ for artificial intelligence (AI) with proposals that would include a ban on AI for biometric surveillance, emotion recognition and predictive policing.
The European Parliament yesterday adopted its negotiating position on the Artificial Intelligence (AI) Act with 499 votes in favour, 28 against and 93 abstentions. Now come talks with EU member states on the final shape of the law. Generative AI systems such as ChatGPT would have to disclose that content was AI-generated, to tell apart deep-fake images from real; and rules would take a risk-based approach (for instance, AI systems used to influence voters in elections would be considered high-risk). Bans on intrusive and discriminatory uses of AI would include:
– “Real-time” remote biometric identification systems in publicly accessible spaces;
– “Post” remote biometric identification systems, with the only exception of law enforcement for the prosecution of serious crimes and only after judicial authorization;
– biometric categorisation systems using sensitive characteristics (gender, race, ethnicity, citizenship status, religion, political orientation);
– predictive policing based on profiling, location or past criminal behaviour, and;
– emotion recognition systems in law enforcement, border management, the workplace, and educational institutions; and
– untargeted scraping of facial images from the internet or CCTV footage to create facial recognition databases (violating human rights and right to privacy).
Co-rapporteur Brando Benifei (S&D, Italy) said: “While Big Tech companies are sounding the alarm over their own creations, Europe has gone ahead and proposed a concrete response to the risks AI is starting to pose. We want AI’s positive potential for creativity and productivity to be harnessed but we will also fight to protect our position and counter dangers to our democracies and freedoms during the negotiations with Council.”
Comments
Tony Porter OBE QPM LLB, Chief Privacy Officer at Corsight is the former Surveillance Camera Commissioner for England and Wales. He said that the vote in the EU Parliament effectively amounts to a blanket ban on the use of facial recognition technology in public places.
“That puts it at odds with the smarter and more nuanced position of the European Commission, which seeks to regulate the development and use of the technology by putting effective guardrails around it.
“AI and facial recognition technology requires clear legislation and mandatory restrictions that govern its responsible, ethical and proportionate use. Yet to ban it in all circumstances is to protect known criminals and to endanger innocent civilians. There is clear public for the controlled use of facial recognition technology to tackle serious crime, save lives and make our communities safer.
As we now enter trilogue discussions between the EU Commission, Parliament and Council, I hope we’ll see a recognition that the way forward is to apply the appropriate safeguards. Talk of bans is easy, but regulation is the responsible approach.”
Fran Rosch, CEO of cyber firm ForgeRock, said: “The European Union’s latest actions to approve the EU AI Act is a significant step forward in regulating AI. Guidance, transparency and clear consequences are required to ensure responsible use of any emerging technology. The proposed AI Act is designed to moderate how AI is used at a time when taking a more cautious approach could prevent unleashing a technology that could have severe consequences on society. As we continue to see further regulations emerge, the private sector must also take part in the effort and collaborate with public stakeholders to achieve more responsible AI worldwide.”
Andrew Patel, Senior Researcher at WithSecure Intelligence, said: “Some of the requirements set forth by the AI Act are going to be difficult to enforce. These include disclosing that content was generated by an AI and ensuring that models cannot generate illegal content. Many open-source generative models are now available to the public and these models can be fine-tuned and repurposed by anyone with enough know how. Large language models have already been customized by extremists into AI systems capable of enabling and amplifying online radicalisation. Regulations probably aren’t going to be able to stop those efforts.”
And Francesca Porter, General Counsel at the online identity verification product company Onfido said: “Six months after the Council voted on its AI general approach, we welcome the European Parliament moving ahead with its position on the Artificial Intelligence Act. The decision to exclude secure and fraud preventative biometric solutions from the “high risk” category will enable the deployment of AI systems that do not pose a threat to citizens and businesses but instead make life easier. It is critical that the Spanish Presidency and Parliamentary rapporteurs cement the decision of Parliament during trilogue negotiations. This clarity will enable European citizens to continue benefiting from our solutions designed to improve online experiences and prevent fraud.”
