Pioneering Regulation in Artificial Intelligence

As the European Union's three branches provisionally agree on the landmark AI regulation, the EU AI Act, cybersecurity companies like CDeX find themselves at the intersection of technological innovation and regulatory evolution. This update explores the recent developments and sheds light on the complexities that lie ahead for AI companies, including the potential impact on major players like OpenAI, Microsoft, Google, and Meta.

The AI Act Passed But Be Ready for Delayed Impact

Despite the provisional agreement on the AI Act, the road to full approval remains uncertain. Last-minute compromises and debates have softened some of the strictest regulatory threats, leading to a delayed enforcement timeline. Paul Barrett, deputy director of the NYU Stern Center for Business and Human Rights, suggests that the AI Act may not take effect until 2025, allowing major AI players to continue their dominance and navigate regulatory uncertainties, especially in the US. We have to, however, brace ourselves for some decisive administrative action in the near future. 

Ethical AI: A Focus on Safety and Transparency

At the heart of the EU AI Act is the European Parliament's commitment to fostering the safe, transparent, and ethical use of AI within the EU. The legislation underscores the importance of human oversight in AI systems to mitigate potential harms and prevent discriminatory outcomes. Additionally, Parliament aims to establish a technology-neutral, uniform definition for AI, laying the foundation for the future development of AI systems.

Categorizing AI Risks

The AI Act, initiated prior to the introduction of advanced general-purpose AI (GPAI) tools like OpenAI's GPT-4, faced challenges in regulating these technologies during last-minute negotiations. The legislation adopts a risk-based approach, with rules becoming more strict as the potential social impact of an AI system increases. This categorization led to concerns among some EU member states, including France, Germany, and Italy, who worried that strict regulations could slow down AI innovation and make the EU less attractive for AI development. 

Compromises were reached during negotiations, resulting in a two-tier system and exceptions for law enforcement use, mitigating some concerns. However, critics, including French President Emmanuel Macron, argue that the AI Act may decrease innovation and hinder the growth of European AI companies, potentially giving an advantage to their American counterparts.

Learning from the EU — Implications for Global AI 

The EU's AI Act, not without controversy, offers a transparent framework for regulating AI development, providing insights into what the industry can expect. The Act categorizes AI systems based on risk, setting strict rules for higher-risk applications. However, it does not introduce new laws around data collection, a critical point of contention with generative AI. 

Observers suggest that the EU's approach may influence other countries globally, prompting them to speed up their efforts in AI regulation. The contrasting situation in the US, where AI regulation is still in its early-stages, highlights the potential for policymakers to draw lessons from the EU's risk-based approach. Maybe some will even consider adjustments to data transparency rules or greater regulatory impact for GPAI models. While the AI Act is not finalized, it signals the EU's commitment to addressing public concerns surrounding AI and may shape the future landscape of AI governance.

Table of contents