Artificial Intelligence Act:

Latest developments

On 12 June 2023 it was announced that the Spanish EU Council presidency will prioritize the AI Act proposal regardless of the governing party, with the absence of political leadership potentially benefiting negotiations. Convergence is expected between Spain and the European Parliament with regards to sandboxes, but high-risk classification, law enforcement, and fundamental rights impact assessment remain contentious issues.

The first trilogue is scheduled for 14 June, immediately after the plenary vote scheduled on 13 June, allowing little time for preparation. Informal contacts have already begun, and negotiations are expected to accelerate in July and after the summer break, with three trilogues planned.

The goal would be to reach an agreement in time for the AI Alliance Assembly which is being organized on 16-17 November in Madrid.

On 22 May 2023 the report on the proposal for a regulation of the European Parliament and of the Council on laying down harmonised rules on Artificial Intelligence (Artificial Intelligence Act) and amending certain Union Legislative Acts was published.

The Draft Compromise Amendments on the draft Report on Proposal for a regulation of the European Parliament and of the Council on harmonised rules on Artificial Intelligence (Artificial Intelligence Act) and amending certain Union Legislative Acts was published on 16 May 2023.

The Internal Market and Consumer Protection (IMCO) and Civil Liberties, Justice and Home Affairs (LIBE) Committees’ joint draft report was adopted with 84 votes in favor, 7 against, and 12 abstentions on 11 May 2023.

Timeline

1. Commission’s proposal.

2. Council of the EU’S Position on Commission’s Proposal.

3. Council of the EU General Approach.

4. European Parliament agrees on draft.

5. European Parliament lead committees (IMCO and LIBE) adopt draft report.

6. European Parliament lead committees (IMCO and LIBE) tabled amendments.

7. Final vote on tabled amendments to take place in plenary session of 12-15 June 2023.

8. Trilogues to start on 14 June 2023.

9. If agreed, text to be published in EU Official Journal.

Status

Legislative proposals submitted and proceeding normally.

Objectives

To establish a framework for the development of human-centred, sustainable, safe, ethical and trustworthy AI systems and to ensure a uniform definition for AI designed to be technology-neutral, so that it can apply to the AI systems of today and tomorrow.

Analysis

1. Legislative overview

1.1. IMCO-LIBE Committees’ Report

Timeline:

• 22 May 2023: publication of the report on the proposal for a regulation of the European Parliament and of the Council on laying down harmonised rules on Artificial Intelligence (Artificial Intelligence Act) and amending certain Union Legislative Acts.
• 16 May 2023: publication of the draft compromise amendments.
• 11 May 2023: adoption of the draft report by IMCO-LIBE Committees’.

Main Provisions of Draft Compromise Amendments on the Draft Report on Proposal for a Regulation of the European Parliament and of the Council on harmonised rules on Artificial Intelligence (Artificial Intelligence Act) and amending certain Union legislative acts:

• Ensure AI systems are safe, transparent, non-discriminatory, environmentally friendly, and overseen by people;
• Narrow the definition of ‘artificial intelligence (AI) system’ as “a machine-based system that is designed to operate with varying levels of autonomy and that can, for explicit or implicit objectives, generate output such as predictions, recommendations, or decisions influencing physical or virtual environments.” The definition is now aligned with that of the OECD;
• Maintain risk-based approach to AI by creating obligations for providers and users depending on the AI system’s level of risk to people’s safety;
• Prohibit AI systems with an unacceptable level of risk, as those used for social scoring purposes, those that deploy manipulative techniques or exploit people’s vulnerabilities.

Extended bans on intrusive and discriminatory uses of AI systems:

• “Real-time” remote biometric identification systems in publicly accessible spaces;
• “Post” remote biometric identification systems, with the only exception of law enforcement for the prosecution of serious crimes but only after judicial authorisation;
• Biometric categorisation systems using sensitive data such as gender, race, ethnicity, citizenship status, religion, political orientation;
• Predictive policing systems based on profiling, location, or past criminal behaviour;
• Emotion recognition systems in law enforcement, border management, workplace, and educational institutions;
• Indiscriminate scraping of biometric data from social media or CCTV footage to create facial recognition databases, which violate human rights and the right to privacy.

Expansion of high-risk areas to include:

• Harm to people’s health, safety, fundamental rights, or the environment;
• Conclusion of an agreement between worker representatives and employers prior to putting into service or using a high-risk AI system at the workplace;
• AI systems that influence voters in political campaigns and in recommender systems used by social media platforms.

General Purpose AI and call for additional transparency measures:

Providers face a duty to demonstrate through appropriate design, testing and analysis the:

• Robust protection of the environment, fundamental rights, health and safety of people, as well as democracy and the rule of law;
• Assessment and mitigation of risks;
• Compliance with design, information and environmental requirements.

The text would oblige providers of foundation models to register in the EU database. And for generative foundation models, like GPT, to disclose whenever content is generated by AI, designing the model to prevent it from generating illegal content and publishing summaries of copyrighted data used for training.

Propositions:

To boost AI innovation, the text provides:

• Exemption to the transparency measures for research activities and AI components provided under open-source licenses;
• Promotion of regulatory sandboxes, or controlled environments, established by public authorities to test AI before its deployment.

Concerning governance, enforcement and protection of citizens’ rights, the text provides:

• A boost to citizens’ right to file complaints about AI systems and receive explanations of decisions based on high-risk AI systems that significantly impact their rights;
• A reform of the EU AI Office, which would be tasked with monitoring the implementation of the AI Act, providing guidance, and coordinating joint investigations.

1.2. General Approach from the Council of the EU

Timeline:

• 6 December 2022: Transport, Telecommunications, and Energy (TTE) Council adopted the General Approach from the Council of the EU.
• 25 November 2022: publication of the final version of the compromise text.
• 18 November 2022: Coreper unanimously agreed to submit compromise proposal to the Transport, Telecommunications, and Energy (TTE) Council in view of the General Approach.
• 8 November 2022: finalization of the compromise proposal.

Main provisions of General Approach on the Proposal for a Regulation of the European Parliament and of the Council on harmonised rules on Artificial Intelligence (Artificial Intelligence Act) and amending certain Union legislative acts:

• Narrow the definition of AI to systems developed through machine learning approaches and logic and knowledge-based approaches. This is to easily distinguish AI from simpler software systems;
• Clarify the scope of the AI Act, since it will not apply (other than the obligations relating to transparency) to AI systems used for the exclusive purpose of research and development, or to use by individuals for non-professional purposes. 

Prohibited AI practices:

• Extension to private actors the prohibition on using AI for social scoring;
• Prohibition on the use of AI systems that take advantage of the vulnerabilities of specific groups is expanded to include vulnerabilities related to the social and economic situation of individuals;
• Provisions to ban the use of ‘real-time’ remote biometric identification systems in public spaces by law enforcement authorities have been clarified. The text provides as exceptions the matters of national security, defence and military purposes, in which law enforcement authorities should therefore be exceptionally allowed to use such systems.

Classification of AI systems as high-risk:

• Text adds a horizontal layer on top of the high-risk classification, to ensure that AI systems that are not likely to cause serious fundamental rights violations or other significant risks are not captured.

Requirements for high-risk AI systems:

• Requirements for high-risk AI systems were clarified to make them more technically feasible and less burdensome for stakeholders to comply with, for instance in relation to the quality of data, or regarding the technical documentation that should be drawn up by SMEs to demonstrate that their high-risk AI systems comply with the requirements.
• AI systems are developed and distributed through complex value chains. So, the text includes changes clarifying the allocation of responsibilities and roles of the various actors in those chains, in particular providers and users of AI systems.
• Clarification of the relationship between responsibilities under the AI Act and responsibilities that already exist under other legislation, such as the relevant Union data protection or sectorial legislation, including as regards the financial services sector.

General purpose AI systems:

• New provisions added to account to situations where AI systems can be used for many different purposes and where general purpose AI technology is subsequently integrated into another high-risk system.
• The text specifies that certain requirements for high-risk AI systems would also apply to general purpose AI systems in such cases. However, instead of direct application of these requirements, an implementing act would specify how they should be applied in relation to general purpose AI systems, based on a consultation and detailed impact assessment and considering specific characteristics of these systems and related value chain, technical feasibility and market and technological developments.

Scope and provisions relating to law enforcement authorities:

• Exclusion of national security, defence, and military purposes from the scope of the AI Act.
• Clarified that the AI Act should not apply to AI systems and their outputs used for the sole purpose of research and development and to obligations of people using AI for non-professional purposes, which would fall outside the scope of the AI Act, except for the transparency obligations.
• Changes to reflect the need to respect the confidentiality of sensitive operational data in relation to law enforcement authorities have been made.

Compliance framework for the AI Act and AI Board:

• Several clarifications and simplifications to the provisions on the conformity assessment procedures have been made;
• Provisions related to market surveillance have been clarified and simplified to make them more effective and easier to implement;
• Modification of provisions concerning the AI Board, aiming for greater autonomy and to strengthen its role in the governance architecture for the AI Act;
• New requirement added for the Board to create a permanent subgroup serving as a platform for a wide range of stakeholders to ensure involvement of the stakeholders in all issues related to the implementation of the AI Act, including the preparation of implementing and delegated acts.

The text provides for more proportionate caps on administrative fines for SMEs and start-ups in case of infringements of the provisions of the AI Act.

Transparency provisions in favour of affected persons:

• Strengthening of requirements relating to the transparency of high-risk AI systems, including a new obligation for public entities to register the systems in the EU database for high-risk AI systems;
• Obligation for users of an emotion recognition system to inform natural persons when they are being exposed to such a system;
• A natural or legal person may make a complaint to the relevant market surveillance authority concerning non-compliance with the AI Act and may expect that such a complaint will be handled in line with the dedicated procedures of that authority.

Measures to support innovation:

• Regulatory sandboxes, supposed to establish a controlled environment for the development, testing and validation of innovative AI systems, should also allow for testing of innovative AI systems in real world conditions;
• New provisions have been added allowing unsupervised real-world testing of AI systems, under specific conditions and safeguards;
• To alleviate the administrative burden for smaller companies, text includes actions to support operators and for some limited and specific derogations.

1.3. EU Proposal by the European Commission

Timeline:

• 21 April 2021: publication of the proposal for a Regulation laying down harmonised rules on Artificial Intelligence (Artificial Intelligence Act) and amending certain Union Legislative Acts.

Prohibited AI systems:

• Manipulating human behaviour to circumvent users’ free will;
• Social scoring’ by governments;
• Use of remote biometric identification systems for law enforcement in publicly accessible places: prohibited but a few exceptions (Art. 5).

High-risk AI systems:

• Biometric identification and categorisation of natural persons used for the real-time and post identification of natural persons;
• Safety components of products already subject to third party ex-ante conformity assessment pursuant to EU law (e.g., Machinery Directive);
• Migration, asylum and border control management (e.g., verification of authenticity of travel documents). For the exhaustive list see Annex II and Annex III.

The proposal sets out requirements for high-risk AI systems in relation to data and data governance, documentation and recording keeping, transparency and provision of information to users, human oversight, robustness, accuracy and security.

When covered by New Legislative Framework (NLF) legislation (e.g., machinery, medical devices…) new requirements will be checked as part of the existing conformity assessment.

When covered by the “Old Approach” (e.g., aviation), AI requirements will be incorporated in the relevant legislations.

Self-conformity assessment for areas listed in Annex III, except for remote biometric identification (conformity assessment by a notified CAB unless harmonised standards fully applied).

Providers shall implement a post-market monitoring system.

AI systems posing limited risks:

Transparency requirements for certain AI systems that convey specific risks of manipulation:

• AI systems interacting with humans;
• AI systems that detect emotions or determine association with (social) categories based on biometric data;
• AI systems that generate or manipulate content (“deep fakes”).

Users must be informed that they interact with an AI system.

 Creation of a European AI Board:

• Composed by national supervisory authorities;
• Cooperation between national supervisory authorities and guidance to the European Commission;

Contribution on technical specifications, existing standards, harmonised standards, guidelines and guidance documents.

2. Key players

European Commission

• Commissioner for Internal Market: Thierry Breton.
• Executive Vice-President for a Europe Fit for the Digital Age: Margrethe Vestager.

European Parliament

Committee on the Internal Market and Consumer Protection (IMCO) - Joint Lead

• Rapporteur: Brando Benifei (S&D, Italy).
• Shadow Rapporteurs: Deirdre Clune (EPP, Ireland), Svenja Hahn (Renew, Germany), Kim van Sparrentak (Greens/EFA, the Netherlands), Jean-Lin Lacapelle (ID, France), Kosma Złotowski (ECR, Poland), Kateřina Konečná (GUE/NGL, Czech Republic).

Committee on Civil Liberties Justice and Home Affairs (LIBE) - Joint Lead

• Rapporteur: Ioan-Dragoş Tudorache (Renew, Romania).
• Shadow Rapporteurs: Axel Voss (EPP, Germany), Petar Vitanov (S&D, Bulgaria), Sergey Lagodinsky (Greens/EFA, Germany), Jaak Madison (ID, Estonia), Rob Rooken (ECR, the Netherlands), and Pernando Barrena Arza (GUE/NGL, Spain).

Committee on Industry, Research, and Energy (ITRE) - Associated

• Rapporteur: Eva Maydell (EPP, Bulgaria).
• Shadow Rapporteurs: Miapetra Kumpula-Natri (S&D, Finland), Nicola Beer (Renew Europe, Germany), Jordi Solé (Greens/EFA, Spain), Gianna Gancia (ID, Italy), Robert Roos (ECR, the Netherlands), and Elena Kountoura (GUE/NGL, Greece).

Committee on Culture and Education (CULT) - Associated

• Rapporteur: Marcel Kolaja (Greens/EFA, Czechia).
• Shadow Rapporteurs: Loucas Fourlas (EPP, Cyprus), Ibán García del Blanco (S&D, Spain), Vlad-Marius Botoș (Renew Europe, Romania), Dace Melbārde (ECR, Latvia), and Martina Michels (GUE/NGL, Germany).

Committee on Legal Affairs (JURI) - Associated

• Rapporteur: Axel Voss (EPP, Germany).
• Shadow Rapporteurs: Ibán García del Blanco (S&D, Spain), Karen Melchior (Renew Europe, Denmark), and Sergey Lagodinsky (Greens/EFA, Germany).

Council

• Czech Presidency.
• French Presidency.
• Slovenian Presidency.
• Portuguese Presidency.

3. Further developments

Before negotiations with the Council on the final form of the law can begin, the IMCO-LIBE draft report needs to be endorsed by the whole Parliament, with the vote expected to happen during the plenary session on 13 June 2023 at 13PM.

If formally approved during this session, the Report will constitute the European Parliament’s negotiating position for the subsequent informal interinstitutional (trilogue) negotiations to be held with the Council.

Based on the negotiating position of the European Parliament and the Council's General Approach, trilogues between the two institutions are scheduled to start on 14 June 2023. During the trilogue negotiations, the European Parliament and the Council would aim to reach a first reading agreement on the proposal.

The agreed text would then be published in the EU Official Journal before entering into force.

4. Useful documents

Proposed texts from the European Parliament:

Brando Benifei and Ioan-Dragoş Tudorache: “Artificial Intelligence Act”.

Brando Benifei and Ioan-Dragoş Tudorache: “AI Act: a step closer to the first rules on Artificial Intelligence”.

Axel Voss: "Opinion of the Committee on Legal Affairs for the Committee on the Internal Market and Consumer Protection and the Committee on Civil Liberties, Justice and Home Affairs on the proposal for a regulation of the European Parliament and of the Council laying down harmonised rules on artificial intelligence (Artificial Intelligence Act) and amending certain Union Legislative Acts".

Eva Maydell: "Opinion of the Committee on Industry, Research and Energy for the Committee on the Internal Market and Consumer Protection and the Committee on Civil Liberties, Justice and Home Affairs on the proposal for a regulation of the European Parliament and of the Council laying down harmonised rules on artificial intelligence (Artificial Intelligence Act) and amending certain Union legislative acts".

Marcel Kolaja: "Opinion of the Committee on Culture and Education for the Committee on the Internal Market and Consumer Protection and the Committee on Civil Liberties, Justice and Home Affairs on the proposal for a regulation of the European Parliament and of the Council laying down harmonised rules on artificial intelligence (Artificial Intelligence Act) and amending certain Union Legislative Acts".

Proposed texts from the Council of the EU:

Council of the EU Press release: “Artificial Intelligence Act: Council calls for promoting safe AI that respects fundamental rights”.

Proposed texts from the European Commission:

Jola Dervishaj: “Council of EU: General Approach on AI Act”.

Proposed texts from the Organisation for Economic Co-operation and Development:

OECD.AI: “OECD AI Principles overview”.