Politics

5 takeaways from the EU's new AI and data regulation plans

Europe wants in on AI — at least the good parts.

European Commission President Ursula Von der Leyen

European Commission President President Ursula von der Leyen wants Europe to have the capability "to make its own choices, based on its own values, respecting its own rules."

Photo: Thierry Monasse/Getty Images

The European Union has new ideas about how it could try to keep up with America and China on AI — and it could shape global thinking on how the technology is regulated in the process.

The European Commission published a suite of proposals for Europe's digital future on Wednesday, including a new data strategy and a white paper on artificial intelligence. They describe, among other things, proposed regulations of cutting-edge uses of AI, and the building out of a unified European data market.

The overall theme, as laid out in an op-ed by European Commission President President Ursula von der Leyen, is to give Europe the capability "to make its own choices, based on its own values, respecting its own rules" on AI — part of what she describes as "tech sovereignty."

Get what matters in tech, in your inbox every morning. Sign up for Source Code.

But Europe could in the process make a global impact.

"The general ambition is that the EU takes the lead on regulation of AI — exactly as it did in the field of personal data protection," said Théodore Christakis, a law professor at Université Grenoble-Alpes who focuses on AI. "Regulation of artificial intelligence is seen as a kind of 'the next GDPR,'" he added.

Von der Leyen made the ambitious promise to initiate AI legislation within 100 days of taking office. That's not exactly what we have today. Instead, the AI white paper is a set of proposed approaches that could change substantially before becoming law.

"It's not legally binding," Christakis said. "It is presented as a kind of roadmap for rules that should be adopted in the coming years." The first actual regulation, he said, could potentially be put in place near the by the end of 2020 at the earliest.

But what exactly do all these proposals for what Europe should do actually mean? There's a lot to dig through, so here are five of the most important takeaways.

Europe knows AI is the future, and wants in. Somehow.

The EU sees a huge opportunity in AI: to benefit people's lives, through improving efficiency in areas like health care, agriculture, and technology, as well as it being a driver of economic growth. But it knows that tech giants, mostly American, are already ahead in the race, and they need to find ways to drive investment to catch up.

The white paper suggests a way in: focusing on industrial, business, and public sector data that will end up being stored and processed on devices at the edge of the network, rather than in the cloud.

"This opens up new opportunities for Europe, which has a strong position in digitized industry and business-to-business applications, but a relatively weak position in consumer platforms," the AI white paper notes.

That may not be enough.

"The problem is, not all, but much of data innovation, is driven by personal data — and most data on some level is personal data," said Sue Aaronson, a professor at The George Washington University and director of its Data Governance Hub. So it's unclear how the EU will navigate this terrain at the same time as complying with its own strict General Data Protection Regulation.

Europe also wants to protect itself from harmful AI.

The strongest regulatory idea in the proposal is the creation of a mandatory testing system for AI applications that the EU considers high risk, especially those with significant human rights implications, such as government use of facial recognition or predictive policing algorithms.

"Basically the Commission is inspired here by conformity assessment mechanisms that already exist for a large number of products being placed on the EU's internal market" like cars and chemicals, Christakis said.

The proposal lays out two key criteria for what it considers a "high risk" use of AI. First, is it being deployed in a sector where there could be significant risks, like health, energy or transportation? Second, is it a system that could actually affect safety? Meanwhile, it suggests a more light touch for non-"high-risk" data uses, to avoid hindering innovation.

Early indications suggest that the industry welcomes this idea. "By focusing on precision regulation — applying different rules for different levels of risk — Europe can ensure its businesses and consumers have trust in technology," Christopher Padilla, vice president for government and regulatory affairs at IBM, said in a statement.

That facial recognition ban? It's scrapped.

A draft of the AI paper that leaked in January suggested a temporary multiyear ban on facial recognition technologies in public places, to give governments time to figure out how to use it safely and ethically.

That section didn't end up in the final documents. Instead, the version released Wednesday says that the "Commission will launch a broad European debate on the specific circumstances, if any, which might justify" the deployment of facial recognition technology for things like identifying people in public places.

That may disappoint privacy and civil liberties advocates who hoped to see a more aggressive stance. But others, including Christakis, see it as a sign that the EU is planning to take regulation in this area seriously, rather than scrambling to roll out policies to meet political deadlines.

Europe hopes data can fuel its own big tech competitors.

Changing gears to consider the data strategy, the Commission isn't coy about the status quo, acknowledging that just "a small number of big tech firms hold a large part of the world's data" right now. And that's a problem for Europe, it says, because it "could reduce the incentives for data-driven businesses to emerge, grow and innovate in the EU today."

But the strategy argues that "the winners of today will not necessarily be the winners of tomorrow" and lays out plans to try to increase local investment and foster the development of local competitors.

That includes incentivizing data sharing between European businesses with an emphasis on the industrial and business data that doesn't run afoul of the EU's strong privacy protections. But chief among those plans is the creation of "a single European data space — a genuine single market for data" that is open to data from anywhere, but governed by "European rules and values" including strong personal and consumer data protections.

Promoting sharing of this data within a structured marketplace may also promote transparency that could help Europe more effectively regulate data. Often, governments and researchers "just don't know what information [tech] firms have — they don't share with us, which makes it really hard to regulate," Aaronson said.

None of this is certain — but it could affect global policy all the same.

It's worth remembering that this is all still very much up in the air. The AI white paper is open for comment until May 19, and the Commision is also accepting feedback on the data strategy. Stakeholders — including the big tech firms that no doubt have strong opinions about the proposals — will waste little time in weighing in.

"In reality, lobbying has already started," Christakis said.

For tech leaders, especially those at big tech firms who have pushed their vision of the future to get ahead of AI regulation, this could represent a crucial moment. Currently there is a dearth of movement on these issues in the U.S., and Europe has a history of taking a lead in regulating technology — most recently with GDPR.

"The U.S. is not regulating effectively because we don't want to hamper" domestic tech giants, Aaronson said. But Europe seems ready to dive in, she added — and that could mean the rest of the world soon follows.

Fintech

Judge Zia Faruqui is trying to teach you crypto, one ‘SNL’ reference at a time

His decisions on major cryptocurrency cases have quoted "The Big Lebowski," "SNL," and "Dr. Strangelove." That’s because he wants you — yes, you — to read them.

The ways Zia Faruqui (right) has weighed on cases that have come before him can give lawyers clues as to what legal frameworks will pass muster.

Photo: Carolyn Van Houten/The Washington Post via Getty Images

“Cryptocurrency and related software analytics tools are ‘The wave of the future, Dude. One hundred percent electronic.’”

That’s not a quote from "The Big Lebowski" — at least, not directly. It’s a quote from a Washington, D.C., district court memorandum opinion on the role cryptocurrency analytics tools can play in government investigations. The author is Magistrate Judge Zia Faruqui.

Keep Reading Show less
Veronica Irwin

Veronica Irwin (@vronirwin) is a San Francisco-based reporter at Protocol covering fintech. Previously she was at the San Francisco Examiner, covering tech from a hyper-local angle. Before that, her byline was featured in SF Weekly, The Nation, Techworker, Ms. Magazine and The Frisc.

The financial technology transformation is driving competition, creating consumer choice, and shaping the future of finance. Hear from seven fintech leaders who are reshaping the future of finance, and join the inaugural Financial Technology Association Fintech Summit to learn more.

Keep Reading Show less
FTA
The Financial Technology Association (FTA) represents industry leaders shaping the future of finance. We champion the power of technology-centered financial services and advocate for the modernization of financial regulation to support inclusion and responsible innovation.
Enterprise

AWS CEO: The cloud isn’t just about technology

As AWS preps for its annual re:Invent conference, Adam Selipsky talks product strategy, support for hybrid environments, and the value of the cloud in uncertain economic times.

Photo: Noah Berger/Getty Images for Amazon Web Services

AWS is gearing up for re:Invent, its annual cloud computing conference where announcements this year are expected to focus on its end-to-end data strategy and delivering new industry-specific services.

It will be the second re:Invent with CEO Adam Selipsky as leader of the industry’s largest cloud provider after his return last year to AWS from data visualization company Tableau Software.

Keep Reading Show less
Donna Goodison

Donna Goodison (@dgoodison) is Protocol's senior reporter focusing on enterprise infrastructure technology, from the 'Big 3' cloud computing providers to data centers. She previously covered the public cloud at CRN after 15 years as a business reporter for the Boston Herald. Based in Massachusetts, she also has worked as a Boston Globe freelancer, business reporter at the Boston Business Journal and real estate reporter at Banker & Tradesman after toiling at weekly newspapers.

Image: Protocol

We launched Protocol in February 2020 to cover the evolving power center of tech. It is with deep sadness that just under three years later, we are winding down the publication.

As of today, we will not publish any more stories. All of our newsletters, apart from our flagship, Source Code, will no longer be sent. Source Code will be published and sent for the next few weeks, but it will also close down in December.

Keep Reading Show less
Bennett Richardson

Bennett Richardson ( @bennettrich) is the president of Protocol. Prior to joining Protocol in 2019, Bennett was executive director of global strategic partnerships at POLITICO, where he led strategic growth efforts including POLITICO's European expansion in Brussels and POLITICO's creative agency POLITICO Focus during his six years with the company. Prior to POLITICO, Bennett was co-founder and CMO of Hinge, the mobile dating company recently acquired by Match Group. Bennett began his career in digital and social brand marketing working with major brands across tech, energy, and health care at leading marketing and communications agencies including Edelman and GMMB. Bennett is originally from Portland, Maine, and received his bachelor's degree from Colgate University.

Enterprise

Why large enterprises struggle to find suitable platforms for MLops

As companies expand their use of AI beyond running just a few machine learning models, and as larger enterprises go from deploying hundreds of models to thousands and even millions of models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

As companies expand their use of AI beyond running just a few machine learning models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

Photo: artpartner-images via Getty Images

On any given day, Lily AI runs hundreds of machine learning models using computer vision and natural language processing that are customized for its retail and ecommerce clients to make website product recommendations, forecast demand, and plan merchandising. But this spring when the company was in the market for a machine learning operations platform to manage its expanding model roster, it wasn’t easy to find a suitable off-the-shelf system that could handle such a large number of models in deployment while also meeting other criteria.

Some MLops platforms are not well-suited for maintaining even more than 10 machine learning models when it comes to keeping track of data, navigating their user interfaces, or reporting capabilities, Matthew Nokleby, machine learning manager for Lily AI’s product intelligence team, told Protocol earlier this year. “The duct tape starts to show,” he said.

Keep Reading Show less
Kate Kaye

Kate Kaye is an award-winning multimedia reporter digging deep and telling print, digital and audio stories. She covers AI and data for Protocol. Her reporting on AI and tech ethics issues has been published in OneZero, Fast Company, MIT Technology Review, CityLab, Ad Age and Digiday and heard on NPR. Kate is the creator of RedTailMedia.org and is the author of "Campaign '08: A Turning Point for Digital Media," a book about how the 2008 presidential campaigns used digital media and data.

Latest Stories
Bulletins