AI Legislation Ought to Be Agnostic to Technology
The European Union is considering revisions to the Artificial Intelligence Act (AI Act) to refine its risk-based regulatory framework, ensuring that technologies that do not pose novel risks are not unduly penalized.
The AI Act, designed to regulate the use of AI to ensure safety and protection, currently has a broad definition that could potentially penalize technologies that do not pose significant risks. The proposed revisions aim to address this issue by differentiating between AI approaches based on their level of risk.
The AI Act introduces a risk-based approach, focusing regulatory rigor on “high-risk” AI systems and prohibiting “unacceptable risk” AI use cases. This approach inherently targets innovative AI systems that present new or significant risks, implying that technologies without novel risks should not be heavily penalized under the law.
To further clarify the AI definition and applicable obligations, guidance and codes of practice, such as the proposed General-Purpose AI Code of Practice, are under development. These resources are intended to help delineate which systems require more stringent compliance, excluding low-risk or already well-regulated technologies.
Moreover, the emphasis on AI literacy obligations for providers and deployers aims to enhance understanding and practical risk assessment, helping to identify which AI systems genuinely warrant regulatory constraints and which do not, thereby reducing over-penalization.
The trend towards regulating based on risk and impact, rather than breadth of AI capability, is also evident in the parallel development of regulatory regimes in other jurisdictions, such as Texas. These regimes target demonstrably harmful uses of AI rather than all AI technologies indiscriminately, providing a principle that can inform revisions to the EU AI Act’s AI definition to avoid penalizing benign technologies.
In summary, proposed revisions seek to incorporate clearer risk criteria and compliance guidance so that regulation is proportionate to the actual risks posed by AI systems. This involves refining the definition and scope of AI systems subject to high-risk classifications and improving risk literacy among involved parties. The ultimate goal is to allow people and businesses to enjoy the benefits of AI while feeling safe and protected.
[1] European Commission. (2021). Proposal for a Regulation laying down harmonised rules on artificial intelligence (Artificial Intelligence Act). Retrieved from https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/12527-Artificial-Intelligence-Act
[2] Office of the Texas Attorney General. (2021). Texas passes nation's first artificial intelligence law. Retrieved from https://www.texasattorneygeneral.gov/news/releases/texas-passes-nations-first-artificial-intelligence-law/
- The European Commission's proposal for the revised Artificial Intelligence Act seeks to differentiate AI approaches based on their level of risk, ensuring that technologies that do not pose significant risks are not unduly penalized.
- The General-Purpose AI Code of Practice, under development to help clarify the AI definition and applicable obligations, aims to delineate which systems require more stringent compliance, excluding low-risk or already well-regulated technologies.
- The regulatory regimes being developed in jurisdictions like Texas target demonstrably harmful uses of AI, providing a principle that can inform revisions to the EU AI Act’s AI definition to avoid penalizing benign technologies.
- The ultimate goal of the revisions to the AI Act is to allow people and businesses to enjoy the benefits of AI while feeling safe and protected, by incorporating clearer risk criteria and compliance guidance so that regulation is proportionate to the actual risks posed by AI systems.
