April 11, 2024
Why the passing of the EU AI Act is such a big deal
Many believe that just as Europe established itself as a data protection leader with GDPR, it’s now doing the same in the field of AI.
In the news
The European Union recently became the first body to significantly regulate artificial intelligence, with its parliament overwhelmingly approving the EU AI Act (523 in favor, 46 against, 49 votes not cast). Politicians who ushered the act into existence were understandably excited; phrases like “standard-setter” and “trailblazing” were bandied about. The new regulations will be in effect by September.
Initially conceived way back in 2021, before ChatGPT could write your term paper better than you could, the EU AI Act sifts the technology into four levels of risk: minimal, limited, high and unacceptable. The regulation also lays out how these levels will be assessed.
Observers say that just as the EU’s General Data Protection Regulation (GDPR) led the way in consumer data protection, the AI Act stakes out similar turf in the world’s hottest technology. Other countries used GDPR as a template for their own data protection regulations to one degree or another, and it’ll be interesting to see the degree to which they do so here. The US has already signaled it’s willing to make moves at the federal level.
But how the act will affect businesses, competition and AI investment remains to be seen.
The Cognizant take
It’s hard to overstate the potential impact of the EU AI act, according to Niels Torm, Cognizant’s GGM Lead Solutions Architect for Privacy. “To give you some idea,” he notes, “the Australian government has recommended that businesses there study the EU AI act as they aim toward future compliance standards.”
Australia, you may have heard, is some distance from Europe, which is Torm’s point; the EU AI Act has the potential to be a global benchmark, like GDPR. “It’ll serve as the guideline for organizations seeking to become AI-responsible,” he says. “Compliance will put you in a position where you’re ahead of your local regulations.”
Businesses need to pay attention to the act unless they’re prepared to write off Europe as a market; it applies to any AI systems where the output is intended to be used in the EU, regardless of where they originate. That sends one important message, Torm notes. Another is that the EU AI Act plays together with GDPR. “While GDPR primarily looks at input data, the EU AI act primarily looks at outcomes,” he says. Put another way, the act doesn’t regulate development of the technology, but rather its application.
That’s a wise approach, Torm believes. To some extent, the act “may slow the application of AI, but it’ll drive more thorough development,” he says. That’s because organizations will be incented to strengthen their AI—reducing hallucinations, for example—before unleashing it. “That will put Europe, and others who follow the act, ahead of others who lack the incentive to develop stronger technology.”
By focusing on the areas where risk is highest, the EU AI Act builds in a process to address unforeseen consequences—the bane of many tech breakthroughs—through continuous monitoring. “When you apply a high-risk system as a provider, you must perform a number of assessments, testing for all possible outcomes,” Torm says. And if an unexpected or harmful outcome is detected? “You then have an obligation to alter the AI to mitigate.”
Without viewing the EU AI Act through rose-colored glasses, Torm believes it has much to offer. “I think AI is perhaps the most important step in technology since the steam engine,” he says. “But we must apply it with intelligence.”
Understand the transformative impact of emerging technologies on the world around us as they address our most significant global challenges.
Latest posts
Related posts
Subscribe for more and stay relevant
The Modern Business newsletter delivers monthly insights to help your business adapt, evolve, and respond—as if on intuition