Preiskel & CoPreiskel & Co
Preiskel & Co
  • Home
  • About Us
    • Diversity, Social Responsibility, and Pro Bono
  • Services
    • Corporate
    • Commercial
    • Regulatory
    • Competition & Antitrust
    • Data Protection, Privacy, and Retention
    • Intellectual Property
    • Dispute Resolution
    • Employment
  • Sectors
    • Telecommunications
    • IT, Technology, & Internet
    • Media and Broadcasting
    • Websites, Blogging, & Social Media
    • Film & Television
    • Gambling & Online Gaming
    • Leisure & Retail
    • Energy & Minerals
    • Cryptocurrency & Blockchain
    • Creative Industries
  • People
    • Daniel Preiskel
    • Ronnie Preiskel
    • Tim Cowen
    • Jose Saras
    • Robert Dougans
    • Tina Cowen
    • D A T Green
    • Karthyaeni Vittala
    • Richard Stewart
    • Mor Swiel
    • Ilanit Appelfeld
    • Stephen Dnes
    • Daniel Oakland
    • Robert Harvey
    • Martina Raciti
    • Joanna Coombs-Huang
    • Xavier Prida
    • Stewart White
    • Alison MacFarlane
    • Hannah Leader
    • Peter Dally
    • Antony Corel
    • Sue Warwick
    • Tony Curzon-Price
    • Shardi Shameli
    • Stephen Hornsby
    • Ewelina James
    • Maria Constantin
    • Sophia Yakhno
  • International
  • Blog
  • News
    • Publications
  • Contact
Menu back  

European Strategy for Artificial Intelligence – a framework to regulate AI and its potential impact on the UK

April 19, 2022By Preiskel & Co

As artificial intelligence (“AI”) continues to make inroads in its use, as well as the amount of data it consumes, attention has turned to its regulation. The UK has a National AI Strategy which has some initial stages of consideration and statements of aim. In the meantime, the EU has released a draft Artificial Intelligence Act and looks to set out a far more comprehensive approach. These two jurisdictions’ approaches will be summarised below, as to be an indication of how the AI market will continue to grow and be shaped.

The European Commission released its highly anticipated draft Artificial Intelligence (AI) Act on 21 April 2021 (the “Act”). The Act is expected to be formally issued in 2023. It represents the most ambitious attempt to regulate AI technologies to date, setting out a cross-sectoral regulatory approach to the use of AI systems across the EU.

In the UK, the Office for Artificial Intelligence, Department for Digital, Culture, Media & Sport, and the Department for Business, Energy & Industrial Strategy together issued the UK’s National AI Strategy (“NAS”) on 22 September 2021.

THE UK’S NATIONAL AI STRATEGY (NAS)

The NAS aim is to provide consideration that the national and international governance of AI technologies correctly balances, with the aim to encourage innovation, investment, and protect the public and fundamental human values.

The NAS is meant to run for 10 years from September 2021 and sits more on the consideration and information gathering end of AI regulation, which contrasts with the EU’s approach. Currently, none of the regulatory aims of the NAS indicate an explicit undertaking to issue a new all-inclusive AI law.

However, the NAS lays down the necessary foundation for a law to be issued later, as some of the governance aims envisage:

  • a new consultation on determining the role of data protection in wider AI governance;
  • developing an all-of-government approach to international AI activity;
  • publishing a White Paper on a pro-innovation national position on governing and regulating AI; and
  • working with The Alan Turing Institute to update guidance on AI ethics and safety in the public sector.

The EU’s Act and the NAS governance aims are expected to expedite the UK’s AI regulatory developments and may even lead to the issuance of the UK’s first AI-focused law soon after the EU’s Act is issued in 2023.

While the proposed AI regulation will still need to go through the EU’s ordinary legislative procedure before entering into force, it is recommended that both users and providers of AI systems consider the repercussions of such regulation as early as possible to ensure smooth compliance once the AI Act is issued. Moreover, since the UK Government issued its NAS, it is important to keep an eye on the milestones set in the plan and the effects on AI systems users and providers, specially that the NAS is expected to be heavily influenced by the EU’s Act.

THE EU DRAFT AI ACT

Act’s Definition of AI

The Act, as a strong indicator of its goal to regulate the industry, contains a very broad definition of AI:

‘Any software that is developed with one or more of the techniques and approaches listed in Annex I and can, for a given set of human-defined objectives, generate outputs, such as content, predictions, recommendations, or decisions influencing the environments they interact with.’

While the list in draft Annex 1 specifies techniques that fall under the umbrella of machine learning, it also specifies that ‘statistical approaches’ in general will be considered amongst the suite of AI techniques. This is wider in scope than most definitions of AI and would mean that software not commonly considered as using AI would be covered by the regulation.

Scope of application

The Act: (i) will apply to both private and public sectors that are considered providers and/or users of AI; and (ii) has an extraterritorial effect, as it will apply to providers in third countries who provide services with AI systems in the European market.

Risk Framework

The Act’s four-tiered risk approach categorises AI systems based on the threat posed on one’s health, safety and/or fundamental right and freedoms including the right to privacy. The Act then sets out proportionate requirements and obligations based on the risk level. The four categories and some indicative requirements are as follows:

 

Unacceptable RiskHigh RiskLimited RiskMinimal or no Risk
Examples of AI systemsSocial scoring

 

Distortion of human behaviour

 

Exploitation of children

Real-time remote biometric identification AI system

 

Safety components in medical devices

ChatbotsSpam filters
Use casesBannedPrior and/or post implementation conformity assessmentsTransparency obligations

 

Voluntary adherence to codes of conduct

No restrictions but voluntary adherence to codes of conduct is encouraged

 

Potential Exposure and Liability

There are levels of risk and potential fines and remedies that are set out in the draft Act. In a mirroring of the GDPR, there are substantial fines in the event of non-compliance, but a regulator could also require the withdrawal of the AI system in use and potentially other commercially damaging reputational publications.

Infringers can potentially face fines which vary according to the risk and the severity of the breach. The tiers in the draft Act are:

 

Breach according to the Draft ActPotential fine in accordance with the Draft Act
breaching the prohibition on unacceptable-risk AI system or infringing the data governance provisions for high-risk AI systemsup to the higher of EUR 30 million and 6% of the total worldwide annual turnover
non-compliance of AI systems with any other requirement under the Draft AI Regulationup to the higher of EUR 20 million and 4% of the total worldwide annual turnover
supplying incorrect, incomplete, or false information to notified bodies and national authoritiesup to the higher of EUR 10 million and 2% of the total worldwide annual turnover

 

Please contact Jose Saras if you have any questions regarding the above.

The material contained in this article is only for general review of the topics covered and does not constitute any legal advice. No legal or business decision should be based on its content.

 

 

 

 

Latest Preiskel & Co blog posts
  • General EU Requirements for Cookie Banners – EDPB Task Force Report
    January 27, 2023
  • Ofcom Launches Investigation into BT Following Suspected Breaches of Consumer Protections Post Implementation of EECC
    January 27, 2023
  • Important decision impacting how companies must provide personal data requested by data subjects under their access rights
    January 19, 2023
  • NIS 2 Directive – Enhanced Common Level Cybersecurity Across the EU
    January 12, 2023
  • Saving the WWW from the W3C
    December 20, 2022
  • Imminent US adequacy decision to be met by legal challenges from privacy advocates
    December 13, 2022
  • Preiskel & Co Client, Nadira Murray’s awards for film “Winners”
    December 13, 2022
  • Telecoms Security Framework (TSF) – Background and Requirements
    December 8, 2022
  • Updated EU Commission decision paves way for 5G on the road and in-flight connectivity innovation
    November 29, 2022
  • Controller Binding Corporate Rules – EDPB adopts new recommendations on the application for approval and the elements and principles of the Rules
    November 25, 2022
  • ICO reveals new transfer risk assessment tool
    November 25, 2022
  • Ofcom publishes new rules for telecoms providers to combat scam calls
    November 23, 2022

The Preiskel Blog

  • General EU Requirements for Cookie Banners – EDPB Task Force Report 27 Jan 2023
  • Ofcom Launches Investigation into BT Following Suspected Breaches of Consumer Protections Post Implementation of EECC 27 Jan 2023
  • Important decision impacting how companies must provide personal data requested by data subjects under their access rights 19 Jan 2023
  • NIS 2 Directive – Enhanced Common Level Cybersecurity Across the EU 12 Jan 2023

Preiskel news

  • Danny Preiskel to speak at the Westminster eForum policy conference ‘Next steps for the UK mobile industry’
  • Preiskel & Co’s corporate team advised IXAfrica regarding a highly significant technology infrastructure investment for East Africa
  • Preiskel & Co’s Technology M&A Global Practice Guide published by Chambers
  • Preiskel & Co Client, Nadira Murray’s awards for film “Winners”
Preiskel tweets
  • Danny Preiskel to speak at the @WeFEvents eForum policy conference ‘Next steps for the UK mobile industry’. Find ou… https://t.co/ELDiFBj6Zo3 days ago
  • General EU Requirements for Cookie Banners – EDPB Task Force Report. Find out more here: https://t.co/2yGdpzOEZp #cookies #EDPB8 days ago
  • Ofcom Launches Investigation into BT Following Suspected Breaches of Consumer Protections Post Implementation of EE… https://t.co/7hgZjWQ16T8 days ago
Preiskel & Co LLP
4 King's Bench Walk,
Temple,
London
EC4Y 7DL
United Kingdom

Tel: +44 20 7332 5640
Email: info@preiskel.com

Find us on:

TwitterLinkedinMail
© Preiskel & Co LLP 2023 | Site map | Legal notices | Cookie Policy | Privacy