Data safety is increasingly becoming of paramount importance and European Union takes it seriously. Here is a deep delving into the EU developed an iron dome to protect its data.
Geo-politics is driving technology, especially Artificial Intelligence (AI), as the Russian President Vladimir Putin once said that the nation which leads in AI will rule the world. The European Union (EU), which is technology-dependent on the US Big Tech, and energy-dependent on Russia, has taken Putin’s words to heart and doing everything possible to control AI through a slew of hard-hitting regulations, that reach even beyond European Union borders, to protect is the territory from hacking, data theft, and cyberattacks among others.
Europe is in effect creating a protective shield around its data, as tensions between the western world and the China-Russia axis intensify, with the cold war turning hot after Russian tanks rolled into Ukraine on February 24, 2022. The is much like the Israeli iron dome defensive shield protecting the country from missile attacks.
Battle against the weaponization of AI
The lurking fear is over the weaponizing of AI models, chatbots, and social media platforms in influencing the democratic process of European Union countries by autocratic countries. In the process, technology companies will be caught in the geopolitical crossfire and will come under harsher regulations that will have consequences on their business models.
The recently agreed-upon Digital Services Act (DSA) places new restrictions on some of the largest platforms, a reaction to the way established platforms like Facebook and YouTube have been used to undermine elections, promote genocide, and spread dangerous conspiracy theories. But the new rules are likely to bring about bigger changes on TikTok than on more established platforms. When Europe’s new rules force all large social platforms to open up their data and even algorithms to outside scrutiny, TikTok may change most of all.
The DSA is aimed at reducing online harms, such as harassment, and making major online platforms more accountable for their effects on elections and other aspects of society, with large social networks and search engines the primary targets. The law was agreed upon in April 2022, weeks after the passage of a companion law aimed at tech monopoly power.
“With today’s agreement, we ensure that platforms are held accountable for the risks their services can pose to society and citizens,” European Commission executive vice president Margarethe Vestager said of the DSA decision. The law’s legal text is now being finalized, and it could take effect as soon as January 2024. As with Europe’s GDPR data protection law, the DSA may alter how tech companies around the world operate.
The AI Act & GDPR combo
Starting with the GDPR (General Data Protection Regulation) in 2016, and now with the latest Artificial Intelligence Act, the European Union is empowering its oversight bodies with legal weapons to crack down on the use of AI that it deems to be harmful. While GDPR defines data privacy, the AI Act gives its teeth by laying down what companies can do with that data when developing AI models.
Using these pieces of legislation, some of the toughest proposed regulations on AI models developed to extract actionable intelligence from data, give enormous powers to European Union oversight bodies to order Big Tech and any company, using AI, to retrain their models if deemed high risk. Coupled with the GDPR legislation, on data protection and individual privacy, the European Union appears to be becoming the global standard-bearer on laws governing AI.
Firepower of the AI Act
The European Union’s planned risk-based framework for regulating artificial intelligence includes powers for oversight bodies to order the withdrawal of a commercial AI system or require that an AI model be retrained if it’s deemed high risk, according to an analysis of the proposal by a legal expert. That suggests there’s significant enforcement firepower lurking in the European Union’s (still not yet adopted) Artificial Intelligence Act — assuming the bloc’s patchwork of Member State-level oversight authorities can effectively direct it at harmful algorithms to force product change in the interests of fairness and the public good.
Article 2 of the AI Act, the first feature borrowed from the GDPR is in fact the extensive scope of application, well beyond European “borders.” Indeed, three categories of subjects will be bound by these provisions: not only users of AI systems located within the territory of a member state but also providers that place AI systems on a European Union market or put them into service in the EU, irrespective of whether they are established in the European Union. Furthermore, third-country providers and users of AI systems would fall within the scope of application if the output generated by such systems is used in the EU.
The global impact of EU’s AI Act
Digital assets today are an outcome of the global value chain. Data generated in one country used by a manufacturer could well be used in another country, as value chains are global. Customer preference data in Germany could be used by a garment supplier in Bangladesh. The GDPR provides for the data controller to be responsible for—and be able to demonstrate compliance with—the safeguarding principles relating to the processing of personal data.
The AI Act (AIA), although not specifically mentioning the accountability principle, extends this principle to all operators involved in the supply chain. For instance, Chapter 3 of the AI Act, which deals with enforcement, places horizontal obligations on providers of high-risk AI systems but also establishes proportionate obligations for users and other players within the AI value chain, such as importers, distributors, and authorized representatives. AI developed in the European Union but also AI developed anywhere in the world which is used in the EU. Like the European Union data protection law, the GDPR, the EU is explicitly positioning the AIA to become the global model for regulating AI.
(Abhijit Roy is a technology explainer and business journalist. He has worked with Strait Times of Singapore, Business Today, Economic Times and The Telegraph. Also worked with PwC, IBM, Wipro, Ericsson.)
(Disclaimer: The views expressed in the article above are those of the author’s and do not necessarily represent or reflect the views of Autofintechs.com. Unless otherwise noted, the author is writing in his/her personal capacity. They are not intended and should not be thought to represent official ideas, attitudes, or policies of any agency or institution.)