EU Artificial Intelligence Act: The European Approach to AI

Stanford - Vienna Transatlantic Technology Law Forum, Transatlantic Antitrust and IPR Developments, Stanford University, Issue No. 2/2021

New Stanford tech policy research: “EU Artificial Intelligence Act: The European Approach to AI”.

EU regulatory framework for AI

On 21 April 2021, the European Commission presented the Artificial Intelligence Act. This Stanford Law School contribution lists the main points of the proposed regulatory framework for AI.

The Act seeks to codify the high standards of the EU trustworthy AI paradigm, which requires AI to be legally, ethically and technically robust, while respecting democratic values, human rights and the rule of law. The draft regulation sets out core horizontal rules for the development, commodification and use of AI-driven products, services and systems within the territory of the EU, that apply to all industries.

Legal sandboxes fostering innovation

The EC aims to prevent the rules from stifling innovation and hindering the creation of a flourishing AI ecosystem in Europe. This is ensured by introducing various flexibilities, including the application of legal sandboxes that afford breathing room to AI developers.

Sophisticated ‘product safety regime’

The EU AI Act introduces a sophisticated ‘product safety framework’ constructed around a set of 4 risk categories. It imposes requirements for market entrance and certification of High-Risk AI Systems through a mandatory CE-marking procedure. To ensure equitable outcomes, this pre-market conformity regime also applies to machine learning training, testing and validation datasets.

Pyramid of criticality

The AI Act draft combines a risk-based approach based on the pyramid of criticality, with a modern, layered enforcement mechanism. This means, among other things, that a lighter legal regime applies to AI applications with a negligible risk, and that applications with an unacceptable risk are banned. Stricter regulations apply as risk increases.

Enforcement at both Union and Member State level

The draft regulation provides for the installation of a new enforcement body at Union level: the European Artificial Intelligence Board (EAIB). At Member State level, the EAIB will be flanked by national supervisors, similar to the GDPR’s oversight mechanism. Fines for violation of the rules can be up to 6% of global turnover, or 30 million euros for private entities.

CE-marking for High-Risk AI Systems

In line with my recommendations, Article 49 of the Act requires high-risk AI and data-driven systems, products and services to comply with EU benchmarks, including safety and compliance assessments. This is crucial because it requires AI infused products and services to meet the high technical, legal and ethical standards that reflect the core values of trustworthy AI. Only then will they receive a CE marking that allows them to enter the European markets. This pre-market conformity mechanism works in the same manner as the existing CE marking: as safety certification for products traded in the European Economic Area (EEA).

Trustworthy AI by Design: ex ante and life-cycle auditing

Responsible, trustworthy AI by design requires awareness from all parties involved, from the first line of code. Indispensable tools to facilitate this awareness process are AI impact and conformity assessments, best practices, technology roadmaps and codes of conduct. These tools are executed by inclusive, multidisciplinary teams, that use them to monitor, validate and benchmark AI systems. It will all come down to ex ante and life-cycle auditing.

The new European rules will forever change the way AI is formed. Pursuing trustworthy AI by design seems like a sensible strategy, wherever you are in the world.

Meer lezen

Establishing a Legal-Ethical Framework for Quantum Technology

Yale Law School, Yale Journal of Law & Technology (YJoLT) The Record 2021

New peer reviewed cross-disciplinary Stanford University Quantum & Law research article: “Establishing a Legal-Ethical Framework for Quantum Technology”.

By Mauritz Kop

Citation: Kop, Mauritz, Establishing a Legal-Ethical Framework for Quantum Technology (March 2, 2021). Yale J.L. & Tech. The Record 2021, https://yjolt.org/blog/establishing-legal-ethical-framework-quantum-technology

Please find a short abstract below:

What is quantum technology?

Quantum technology is founded on general principles of quantum mechanics and combines the counterintuitive physics of the very small with engineering. Particles and energy at the smallest scale do not follow the same rules as the objects we can detect around us in our everyday lives. The general principles, or properties, of quantum mechanics are superposition, entanglement, and tunnelling. Quantum mechanics aims to clarify the relationship between matter and energy, and it describes the building blocks of atoms at the subatomic level.

Raising Quantum Awareness

Quantum technologies are rapidly evolving from hypothetical ideas to commercial realities. As the world prepares for these tangible applications, the quantum community issued an urgent call for action to design solutions that can balance their transformational impact. An important first step to encourage the debate is raising quantum awareness. We have to put controls in place that address identified risks and incentivise sustainable innovation.

Connecting AI and Nanotechnology to Quantum

Establishing a culturally sensitive legal-ethical framework for applied quantum technologies can help to accomplish these goals. This framework can be built on existing rules and requirements for AI. We can enrich this framework further by integrating ethical, legal and social issues (ELSI) associated with nanotechnology. In addition, the unique physical characteristics of quantum mechanics demand universal guiding principles of responsible, human-centered quantum technology. To this end, the article proposes ten guiding principles for the development and application of quantum technology.

Risk-based Quantum Technology Impact Assessment Tools

Lastly, how can we monitor and validate that real world quantum tech-driven implementations remain legal, ethical, social and technically robust during their life cycle? Developing concrete tools that address these challenges might be the answer. Raising quantum awareness can be accomplished by discussing a legal-ethical framework and by utilizing risk-based technology impact assessment tools in the form of best practices and moral guides.

Meer lezen

Democratic Countries Should Form a Strategic Tech Alliance

Stanford - Vienna Transatlantic Technology Law Forum, Transatlantic Antitrust and IPR Developments, Stanford University, Issue No. 1/2021

New Stanford innovation policy research: “Democratic Countries Should Form a Strategic Tech Alliance”.

Exporting values into society through technology

China’s relentless advance in Artificial Intelligence (AI) and quantum computing has engendered a significant amount of anxiety about the future of America’s technological supremacy. The resulting debate centres around the impact of China’s digital rise on the economy, security, employment and the profitability of American companies. Absent in these predominantly economic disquiets is what should be a deeper, existential concern: What are the effects of authoritarian regimes exporting their values into our society through their technology? This essay will address this question by examining how democratic countries can, or should respond, and what you can do about it to influence the outcome.

Towards a global responsible technology governance framework

The essay argues that democratic countries should form a global, broadly scoped Strategic Tech Alliance, built on mutual economic interests and common moral, social and legal norms, technological interoperability standards, legal principles and constitutional values. An Alliance committed to safeguarding democratic norms, as enshrined in the Universal Declaration of Human Rights (UDHR) and the International Covenant on Civil and Political Rights (ICCPR). The US, the EU and its democratic allies should join forces with countries that share our digital DNA, institute fair reciprocal trading conditions, and establish a global responsible technology governance framework that actively pursues democratic freedoms, human rights and the rule of law.

Two dominant tech blocks with incompatible political systems

Currently, two dominant tech blocks exist that have incompatible political systems: the US and China. The competition for AI and quantum ascendancy is a battle between ideologies: liberal democracy mixed with free market capitalism versus authoritarianism blended with surveillance capitalism. Europe stands in the middle, championing a legal-ethical approach to tech governance.

Democratic, value-based Strategic Tech Alliance

The essay discusses political feasibility of cooperation along transatlantic lines, and examines arguments against the formation of a democratic, value-based Strategic Tech Alliance that will set global technology standards. Then, it weighs the described advantages of the establishment of an Alliance that aims to win the race for democratic technological supremacy against disadvantages, unintended consequences and the harms of doing nothing.

Democracy versus authoritarianism: sociocritical perspectives

Further, the essay attempts to approach the identified challenges in light of the ‘democracy versus authoritarianism’ discussion from other, sociocritical perspectives, and inquires whether we are democratic enough ourselves.

How Fourth Industrial Revolution (4IR) technology is shaping our lives

The essay maintains that technology is shaping our everyday lives, and that the way in which we design and utilize our technology is influencing nearly every aspect of the society we live in. Technology is never neutral. The essay describes that regulating emerging technology is an unending endeavour that follows the lifespan of the technology and its implementation. In addition, it debates how democratic countries should construct regulatory solutions that are tailored to the exponential pace of sustainable innovation in the Fourth Industrial Revolution (4IR).

Preventing authoritarianism from gaining ground

The essay concludes that to prevent authoritarianism from gaining ground, governments should do three things: (1) inaugurate a Strategic Tech Alliance, (2) set worldwide core rules, interoperability & conformity standards for key 4IR technologies such as AI, quantum and Virtual Reality (VR), and (3) actively embed our common democratic norms, principles and values into the architecture and infrastructure of our technology.

Meer lezen

Safeguards for accelerated market authorization of vaccines in Europe

by Suzan Slijpen & Mauritz Kop

This article has been published by the Stanford Law School ‘Center for Law and the Biosciences’, Stanford University, 15 March 2021. link to the full text: https://law.stanford.edu/2021/03/15/safeguards-for-accelerated-market-authorization-of-vaccines-in-europe/

The first COVID-19 vaccines have been approved

People around the globe are concerned about safety issues encircling the accelerated introduction of corona vaccines. In this article, we discuss the regulatory safeguards for fast-track market authorization of vaccines in Europe. In addition, we explain how the transmission of European Union law into national Member State legislation works. We then clarify what happens before a drug can be introduced into the European market. We conclude that governments should build bridges of mutual understanding between communities and increase trust in the safety of authorized vaccines across all population groups, using the right messengers.

Drug development normally takes several years

Drug development normally takes several years. The fact that it has been a few months now seems ridiculously short. How is the quality and integrity of the vaccine ensured? That people - on both sides of the Atlantic - are concerned about this is entirely understandable. How does one prevent citizens from being harmed by vaccines and medicines that do not work for everyone, because the admission procedures have been simplified too much?

The purpose of this article is to shed a little light upon the accelerated market authorization procedures on the European continent, with a focus on the situation in the Netherlands.

How a vaccine is introduced into the market

In June 2020, the Dutch government, in close cooperation with Germany, France and Italy, formed a Joint Negotiation Team which, under the watchful eye of the European Commission, has been negotiating with vaccine developers. Its objective: to conclude agreements with drug manufacturers at an early stage about the availability of vaccines for European countries. In case these manufacturers are to succeed in developing a successful vaccine for which the so-called Market Authorization (MA) is granted by EMA or CBG, this could lead to the availability of about 50 million vaccines (for the Netherlands alone).

Who is allowed to produce these vaccines?

Who is allowed to produce these vaccines? The Dutch Medicines Act is very clear about this. Only "market authorization holders" are allowed to manufacture medicines, including vaccines. These are parties that have gone through an extensive application procedure, who demonstrably have a solid pharmaceutical quality management system in place and have obtained a pharmaceutical manufacturing license (the MIA, short for Manufacturing and Importation Authorisation). This license is granted after assessment by the Health and Youth Care Inspectorate of the Ministry of Health, Welfare & Sport (IGJ) – by Farmatec. Farmatec is part of the CIBG, an implementing body of the Ministry of Health, Welfare and Sport (VWS). The M-license is mandatory for parties who prepare, or import medicines.

Read more at the Stanford Center for Law and the Biosciences!

Read more on manufacturing licenses, fast track procedures and market authorization by the European Medicines Agency (EMA) and the EC, harmonisation and unification of EU law, CE-markings, antigenic testing kits, mutations, reinfection, multivalent vaccines, mucosal immunity, Good Manufacturing Practices (GMP), pharmacovigilance, the HERA Incubator, clinical trials, compulsory vaccination regimes and continuous quality control at Stanford!

Meer lezen

We hebben dringend een recht op dataprocessing nodig

Deze column is gepubliceerd op platform VerderDenken.nl van het Centrum voor Postacademisch Juridisch Onderwijs (CPO) van de Radboud Universiteit Nijmegen. https://www.ru.nl/cpo/verderdenken/columns/we-dringend-recht-dataprocessing-nodig/

Bij een datagedreven economie hoort een gezond ecosysteem voor machine learning en artificial intelligence. Mauritz Kop beschrijft de juridische problemen en oplossingen hierbij. “We hebben dringend een recht op dataprocessing nodig.”

5 juridische obstakels voor een succesvol AI-ecosysteem

Eerder schreef ik dat vraagstukken over het (intellectueel) eigendom van data, databescherming en privacy een belemmering vormen voor het (her)gebruiken en delen van hoge kwaliteit data tussen burgers, bedrijven, onderzoeksinstellingen en de overheid. Er bestaat in Europa nog geen goed functionerend juridisch-technisch systeem dat rechtszekerheid en een gunstig investeringsklimaat biedt en bovenal is gemaakt met de datagedreven economie in het achterhoofd. We hebben hier te maken met een complex probleem dat in de weg staat aan exponentiële innovatie.

Auteursrechten, Privacy en Rechtsonzekerheid over eigendom van data

De eerste juridische horde bij datadelen is auteursrechtelijk van aard. Ten tweede kunnen er (sui generis) databankenrechten van derden rusten op (delen van) de training-, testing- of validatiedataset. Ten derde zullen bedrijven na een strategische afweging kiezen voor geheimhouding, en niet voor het patenteren van hun technische vondst. Het vierde probleempunt is rechtsonzekerheid over juridisch eigendom van data. Een vijfde belemmering is de vrees voor de Algemene verordening gegevensbescherming (AVG). Onwetendheid en rechtsonzekerheid resulteert hier in risicomijdend gedrag. Het leidt niet tot spectaculaire Europese unicorns die de concurrentie aankunnen met Amerika en China.

Wat is machine learning eigenlijk?

Vertrouwdheid met technische aspecten van data in machine learning geeft juristen, datawetenschappers en beleidsmakers de mogelijkheid om effectiever te communiceren over toekomstige regelgeving voor AI en het delen van data.

Machine learning en datadelen zijn van elementair belang voor de geboorte en de evolutie van AI. En daarmee voor het behoud van onze democratische waarden, welvaart en welzijn. Een machine learning-systeem wordt niet geprogrammeerd, maar getraind. Tijdens het leerproces ontvangt een computer uitgerust met kustmatige intelligentie zowel invoergegevens (trainingdata), als de verwachte, bij deze inputdata behorende antwoorden. Het AI-systeem moet zelf de bijpassende regels en wetmatigheden formuleren met een kunstmatig brein. Algoritmische, voorspellende modellen kunnen vervolgens worden toegepast op nieuwe datasets om nieuwe, correcte antwoorden te produceren.

Dringend nodig: het recht op dataprocessing

De Europese Commissie heeft de ambitie om datasoevereiniteit terug te winnen. Europa moet een internationale datahub worden. Dit vereist een modern juridisch raamwerk in de vorm van de Europese Data Act, die in de loop van 2021 wordt verwacht. Het is naar mijn idee cruciaal dat de Data Act een expliciet recht op dataprocessing bevat.

Technologie is niet neutraal

Tegelijkertijd kan de architectuur van digitale systemen de sociaal-maatschappelijke impact van digitale transformatie reguleren. Een digitaal inclusieve samenleving moet technologie actief vormgeven. Technologie an sich is namelijk nooit neutraal. Maatschappelijke waarden zoals transparantie, vertrouwen, rechtvaardigheid, controle en cybersecurity moeten worden ingebouwd in het design van AI-systemen en de benodigde trainingdatasets, vanaf de eerste regel code.

Meer lezen

The Right to Process Data for Machine Learning Purposes in the EU

Harvard Law School, Harvard Journal of Law & Technology (JOLT) Online Digest 2020, Forthcoming

New interdisciplinary Stanford University AI & Law research article: “The Right to Process Data for Machine Learning Purposes in the EU”.

Data Act & European data-driven economy

Europe is now at a crucial juncture in deciding how to deploy data driven technologies in ways that encourage democracy, prosperity and the well-being of European citizens. The upcoming European Data Act provides a major window of opportunity to change the story. In this respect, it is key that the European Commission takes firm action, removes overbearing policy and regulatory obstacles, strenuously harmonizes relevant legislation and provides concrete incentives and mechanisms for access, sharing and re-use of data. The article argues that to ensure an efficiently functioning European data-driven economy, a new and as yet unused term must be introduced to the field of AI & law: the right to process data for machine learning purposes.

The state can implement new modalities of property

Data has become a primary resource that should not be enclosed or commodified per se, but used for the common good. Commons based production and data for social good initiatives should be stimulated by the state. We need not to think in terms of exclusive, private property on data, but in terms of rights and freedoms to use, (modalities of) access, process and share data. If necessary and desirable for the progress of society, the state can implement new forms of property. Against this background the article explores normative justifications for open innovation and shifts in the (intellectual) property paradigm, drawing inspiration from the works of canonical thinkers such as Locke, Marx, Kant and Hegel.

Ius utendi et fruendi for primary resource data

The article maintains that there should be exceptions to (de facto, economic or legal) ownership claims on data that provide user rights and freedom to operate in the setting of AI model training. It concludes that this exception is conceivable as a legal concept analogous to a quasi, imperfect usufruct in the form of a right to process data for machine learning purposes. A combination of usus and fructus (ius utendi et fruendi), not for land but for primary resource data. A right to process data that works within the context of AI and the Internet of Things (IoT), and that fits in the EU acquis communautaire. Such a right makes access, sharing and re-use of data possible, and helps to fulfil the European Strategy for Data’s desiderata.

Meer lezen

Machine Learning & EU Data Sharing Practices

Stanford - Vienna Transatlantic Technology Law Forum, Transatlantic Antitrust and IPR Developments, Stanford University, Issue No. 1/2020

New multidisciplinary research article: ‘Machine Learning & EU Data Sharing Practices’.

In short, the article connects the dots between intellectual property (IP) on data, data ownership and data protection (GDPR and FFD), in an easy to understand manner. It also provides AI and Data policy and regulatory recommendations to the EU legislature.

As we all know, machine learning & data science can help accelerate many aspects of the development of drugs, antibody prophylaxis, serology tests and vaccines.

Supervised machine learning needs annotated training datasets

Data sharing is a prerequisite for a successful Transatlantic AI ecosystem. Hand-labelled, annotated training datasets (corpora) are a sine qua non for supervised machine learning. But what about intellectual property (IP) and data protection?

Data that represent IP subject matter are protected by IP rights. Unlicensed (or uncleared) use of machine learning input data potentially results in an avalanche of copyright (reproduction right) and database right (extraction right) infringements. The article offers three solutions that address the input (training) data copyright clearance problem and create breathing room for AI developers.

The article contends that introducing an absolute data property right or a (neighbouring) data producer right for augmented machine learning training corpora or other classes of data is not opportune.

Legal reform and data-driven economy

In an era of exponential innovation, it is urgent and opportune that both the TSD, the CDSM and the DD shall be reformed by the EU Commission with the data-driven economy in mind.

Freedom of expression and information, public domain, competition law

Implementing a sui generis system of protection for AI-generated Creations & Inventions is -in most industrial sectors- not necessary since machines do not need incentives to create or invent. Where incentives are needed, IP alternatives exist. Autonomously generated non-personal data should fall into the public domain. The article argues that strengthening and articulation of competition law is more opportune than extending IP rights.

Data protection and privacy

More and more datasets consist of both personal and non-personal machine generated data. Both the General Data Protection Regulation (GDPR) and the Regulation on the free flow of non-personal data (FFD) apply to these ‘mixed datasets’.

Besides the legal dimensions, the article describes the technical dimensions of data in machine learning and federated learning.

Modalities of future AI-regulation

Society should actively shape technology for good. The alternative is that other societies, with different social norms and democratic standards, impose their values on us through the design of their technology. With built-in public values, including Privacy by Design that safeguards data protection, data security and data access rights, the federated learning model is consistent with Human-Centered AI and the European Trustworthy AI paradigm.

Meer lezen