|
White Paper on Artificial Intelligence
The European Commission defines recommendations to create both an ecosystem of excellence and an ecosystem of trust.
N.B.: This White Paper does not address the development and use of AI for military purposes.
A) An ecosystem of excellence
Europe should notably expand its positions along the value chain, from certain hardware manufacturing sectors to software and services. The EU will use its funding programmes and investment funds to stimulate private and public investment. The EU plans to attract over 20 billion euros of total investment in the EU per year over the next decade. A new public private partnership in AI, data and robotics will be set up.
The EU will attract more talents and have a network of centres of excellence. It needs a “lighthouse centre of research and innovation to coordinate the efforts”. It will also support the development of adequate skills.
Industry, health, transport, finance, agri-food value chains, energy/environment, forestry, earth observation and space are mentioned as sectors where Europe has the potential to become a leader in AI.
B) An ecosystem of trust
Safety
The European Commission also published a report on the safety and liability implications of Artificial Intelligence, the Internet of Things and robotics.
On the basis of such report, the Commission is looking at EU product safety legislation and considers the following amendments:
-new risk assessment to address risks that arise when an AI product or system is already placed on the market (for instance following a software update)
- explicit obligations for producers in respect of mental safety risks of users when appropriate (ex. collaboration with humanoid robots)
- specific requirements addressing the risks to safety of faulty data at the design stage as well as mechanisms to ensure that quality of data is maintained throughout the use of the AI products and systems
- transparency requirements to avoid opacity of systems based on algorithms
- existing rules may need to be adapted and clarified in the case of a stand-alone software placed as it is on the market or downloaded into a product after its placing on the market, when having an impact on safety
- given the increasing complexity of supply chains as regards new technologies, provisions specifically requesting cooperation between the economic operators in the supply chain and the users could provide legal certainty
The Commission notes that the General EU safety legislation currently applies to products and not to services -therefore in principle not to services based on AI technology either.
Liability
The Commission also considers amending current liability rules in order to protect the victims’ right to compensation, which can be difficult to exercise when it comes to AI -as it might be challenging to prove a defect in the system, and the causal link between the defect and the damage.
The Commission explains that all options should be carefully assessed, including possible amendments to the Product Liability Directive and possible further targeted harmonisation of national liability rules. For example, the Commission is seeking views whether and to what extent it may be needed to adapt the burden of proof required by national liability rules for damage caused by the operation of AI applications.
Mandatory requirements for high-risk AI applications
The Commission envisages mandatory requirements for high-risk applications. AI application are considered high-risk if 1) the sector and 2) the intended use involve significant risks. For instance, this would include surgery robots or autonomous cars. An exhaustive list of the sectors should be drafted and periodically reviewed.
However, the use of AI for certain purposes will always be considered high-risk, irrespective of whether these two criteria are fulfilled. This is the case for recruitment, biometric identification and other intrusive surveillance technologies.
Mandatory requirements for high-risk AI applications will be specified through standards. These requirements would include:
- EU’s values and rules must be respected when it comes to the data used to train AI. The aim is to avoid unsafe (because not sufficiently/adequately trained) or biased AI.
-records must be kept in relation to the programming of the algorithm, the data used to train high-risk AI systems and, in certain cases, the data themselves must be kept. This would allow problematic actions or decisions by AI to be traced back and verified.
-information provision: clear information must be provided on the AI’s systems capabilities and limitations. Moreover, citizens must be informed when they are interacting with an AI system and not a human being (except when it is an obvious situation).
-requirements relating to robustness and accuracy, including requirement ensuring that AI systems are resilient both over attacks and attempts to manipulate data or algorithms.
-high-risk applications must be overseen by humans, the degree of oversight depending on the specific application.
-specific requirements for remote biometric identification: the Commission explains that the gathering and use of biometric data for remote identification purposes, for instance facial recognition in public spaces, carries specific risks for fundamental rights. AI can only be used for remote biometric identification purposes where such use is duly justified, proportionate and subject to adequate safeguards. Regarding facial recognition in public spaces, the Commission will launch a debate on the specific circumstances, if any, which might justify such use, and on common safeguards.
These requirements should be applicable to all relevant economic operators, regardless of whether they are established in the EU or not.
The European Commission believes that it is necessary to test and certify high-risk AI applications before they reach the single market, to ensure that they comply with the above-mentioned requirements. Conformity assessment could include checks of the algorithms and of the data sets. As some AI systems evolve over time, it might be necessary to repeat assessments over the lifetime of such AI systems.
Conformity assessment would be mandatory for all economic operators addressed in the requirements, regardless of their place of establishment. Standards and dedicated online tools could facilitate compliance.
Economic operator established in third countries could make use of designated bodies established in the EU or, subject to mutual recognition agreements with third countries, use third-country bodies designated to carry out such assessments.
Voluntary labelling for no-high risk AI applications
On a voluntary basis, economic operators not covered by the mandatory requirements could still decide to comply with those requirements or a set of similar requirements designed for this voluntary scheme. They would then be granted a quality label.
Next steps:
The Commission invites for comments on the proposals set out in the White Paper through an open public consultation available at https://ec.europa.eu/info/consultations_en.The consultation is open for comments until 19 May 2020. |
