The European Parliament has approved a revised version of the EU Artificial Intelligence Act (AIA), which appears to be on a path to adoption by the EU later this year.  The AIA is the most comprehensive legislation in the world to address the risks associated with the use of artificial intelligence.  A final version of AIA will next be the subject of trilogue negotiations between the European Commission, European Council and the European Parliament.

While numerous other countries, including the United States and China, have expedited their efforts to regulate the rapidly evolving world of artificial intelligence, the EU is the furthest down the road to implementing legislating.  First proposed in 2021, the AIA borrows heavily from the privacy toolbox established by the GDPR to regulate artificial intelligence, with a heavy emphasis on transparency, consent mechanisms, data subject rights and technical and organizational safeguards.  At its core, the law takes a risk-based approach toward the use of artificial intelligence by requiring risk assessments and other controls for “high-risk”  artificial intelligence. 

The AIA also would ban certain technologies altogether.  For example, one of the areas of significant concern by EU regulators has been the use of facial recognition technologies, particularly the use of live facial recognition in public spaces, which the AIA would ban. 

Notably the most recent version of the AIA includes some provision that address ChatGPT — a technology that had not become commercially available when the law was first proposed. The latest version of the AIA would require that companies conspicuously label the outputs of ChatGPT and other forms of generative AI, and specifically disclose the inclusion of any copyrighted materials in training datasets, which has raised concerns by AI developers. 

Passage of the AIA by the EU Parliament came more quickly than many commentators had expected, and suggests that the EU seeks to become a global leader in the regulation of artificial intelligence. In the same way that passage of the GDPR set the stage for worldwide promulgation of data privacy laws, including in the U.S., the AIA may become a standard for other countries to follow in regulating artificial intelligence.

We have previously done a podcast covering the AIA.  For more details on the AIA, and artificial intelligence generally, continue to follow this blog.