LONDON — Authorities around the world are racing to draw up rules for artificial intelligence, including in the European Union, where draft legislation faces a pivotal moment on Thursday.
A European Parliament committee is set to vote on the proposed rules, part of a yearslong effort to draw up guardrails for artificial intelligence. Those efforts have taken on more urgency as the rapid advance of ChatGPT highlights benefits the emerging technology can bring — and the new perils it poses.
Here’s a look at the EU’s Artificial Intelligence Act:
HOW DO THE RULES WORK?
The AI Act, first proposed in 2021, will govern any product or service that uses an artificial intelligence system. The act will classify AI systems according to four levels of risk, from minimal to unacceptable. Riskier applications will face tougher requirements, including being more transparent and using accurate data. Think about it as a “risk management system for AI,” said Johann Laux, an expert at the Oxford Internet Institute.
WHAT ARE THE RISKS?
One of the EU’s main goals is to guard against any AI threats to health and safety and protect fundamental rights and values.
That means some AI uses are an absolute no-no, such as “social scoring” systems that judge people based on their behavior or interactive talking toys that encourage dangerous behavior.
Predictive policing tools, which crunch data to forecast where crimes will happen and who will commit them, are expected to be banned. So is remote facial recognition, except for some narrow exceptions like preventing a specific terrorist threat. The technology scans passers-by and uses AI to match their faces to a database. Thursday’s vote is set to decide how extensive the prohibition will be.
The aim is “to avoid a controlled society based on AI,” Brando Benifei, the Italian lawmaker helping lead the European Parliament’s AI efforts, told reporters Wednesday. “We think that these technologies could be used instead of the good also for the bad, and we consider the risks to be too high.”
AI systems used in high risk categories like employment and education, which would affect the course of a person’s life, face tough requirements such as being transparent with users and putting in place risk assessment and mitigation measures.
The EU’s executive arm says most AI systems, such as video games or spam filters, fall into the low- or no-risk category.
WHAT ABOUT CHATGPT?
The original 108-page proposal barely mentioned chatbots, merely requiring them to be labeled so users know they’re interacting with a machine. Negotiators later added provisions to cover general purpose AI like ChatGPT, subjecting them to some of the same requirements as high-risk systems.
One key addition is a requirement to thoroughly document any copyright material used to teach AI systems how to generate text, images, video or music that resembles human work. That would let content creators know if their blog posts, digital books, scientific articles or pop songs have been used to train algorithms that power systems like ChatGPT. Then they could decide whether their work has been copied and seek redress.
WHY ARE THE EU RULES SO IMPORTANT?
The European Union isn’t a big player in cutting-edge AI development. That role is taken by the U.S. and China. But Brussels often plays a trendsetting role with regulations that tend to become de facto global standards.
“Europeans are, globally speaking, fairly wealthy and there’s a lot of them,” so companies and organizations often decide that the sheer size of the bloc’s single market with 450 million consumers makes it easier to comply than develop different products for different regions, Laux said.
But it’s not just a matter of cracking down. By laying down common rules for AI, Brussels is also trying to develop the market by instilling confidence among users, Laux said.
“The thinking behind it is if you can induce people to to place trust in AI and in applications, they will also use it more,” Laux said. “And when they use it more, they will unlock the economic and social potential of AI.”
WHAT IF YOU BREAK THE RULES?
Violations will draw fines of up to 30 million euros ($33 million) or 6% of a company’s annual global revenue, which in the case of tech companies like Google and Microsoft could amount to billions.
It could be years before the rules fully take effect. The flagship legislative proposal faces a joint European Parliament committee vote on Thursday. The draft legislation then moves into three-way negotiations involving the bloc’s 27 member states, the Parliament and the executive Commission, where faces further wrangling over the details. Final approval is expected by the end of the year, or early 2024 at the latest, followed by a grace period for companies and organizations to adapt, often around two years.