Banco Sabadell has organised a new conference on Artificial Intelligence as part of the Trustworthy Artificial Intelligence season of talks that began at the beginning of this year and aims to provide its employees with all the necessary information to be able to enter, with the maximum guarantees, into the use of this revolutionary technology, which seems destined to radically transform the activity of companies, its customers and society in general. This new talk focused on the management of privacy and data in A.I. systems.
After two talks of a more generic scope, led by recognised specialists such as Xavier Marcet and Richard Benjamins, in which the scope of the changes that this new technology can usher in the day-to-day life of our society and its implications from the point of view of business ethics were discussed, the series of talks then moved on to more concrete and practical topics. Thus, this new talk, given by the professor of law and director of the Privacy Division of OdiseIA, Lorenzo Cotino, focused on analysing the laws that already regulate AI today, as well as those that will come into effect in the near future.
Artificial Intelligence, a technology that is now regulated
Cotino began his talk by refuting a widely held belief: that there are as yet no laws that regulate Artificial Intelligence. This is a mistaken belief, he said, because all activities related to the subject are already subject to the general European regulation in effect (GDPR) that regulates the protection and privacy of personal data of EU and EEA citizens. There are many other legal regulations already in effect that can be perfectly applied to Artificial Intelligence and that companies must always take into account when using this type of technology.
What is true, and may be the cause of this confusion, is that work is being done on the drafting of the first European regulation specifically aimed at regulating AI from a legal standpoint. This law, which will be the first of its kind in the world, will differ from the laws or practices prevailing in other countries such as China or the United States in that it will place the emphasis, very clearly, on the protection of the individual rights of citizens. The aim, as he explained, would be twofold. On the one hand, that the Artificial Intelligence projects developed in Europe can be distinguished with some kind of “Made in Europe” quality seal that would make it clear to all parties that a particular AI product is more reliable than others and scrupulously respects people’s rights and privacy. And, secondly, it will force non-EU countries (such as China or the US) that want to market AI products in Europe to respect the rules laid down here, even if they are not mandatory in their markets of origin.
He also referred to some problems of overlapping rules that can already be foreseen today, and that could mean certain aspects of this new European law might have some aspects that could clash with currently enacted laws and regulations.
What is and what is not AI? Different types of AI, different levels of protection
Among the main challenges that the new regulation will have to solve is determining what is and what is not Artificial Intelligence. It will also have to determine the risk associated with each solution that contains AI in its development, since the level of protection to be applied is different depending on the type of information used and the degree of impact on user privacy.
He also debunked another of the “false beliefs” that, he said, are often detected among companies. Specifically, the one that states that if the data used in an Artificial Intelligence system is not identifiable (it does not contain personal data) then it is exempt from the application of data protection legislation. It is not that simple, he said, and it is an issue that companies should take care of as much as possible. He placed special emphasis on the fully automated decisions that can be programmed using Artificial Intelligence, detailing those that are expected to be totally prohibited in the new European regulations. For example, with regard to financial institutions, those related to the granting of credit. But there are many others, which have an equally direct impact on other types of industries, such as the automotive industry, for example.
In short, Artificial Intelligence is a field of work that must be analysed in depth and in detail, from a legal point of view, by any company that is considering starting to use these technologies in their day-to-day operations.
- For more information, you can watch the talk here.
- More informative resources are also available at www.cotino.es