“This is a key moment for businesses operating within the EU or doing business with EU-based clients. If your organisation touches AI in any way – whether developing, selling, or using AI systems – you need to understand and be prepared.” ~ Tim Bowes
Our team at Dufrain give some background and their own thoughts on why it’s important to comply with regulations such as this. Dufrain is a market-leading data management and analytics consultancy.
The aim of the EU AI Act is to create a framework for the development and use of artificial intelligence that is both safe and trustworthy.
Here are some key areas where it can contribute to more mindful operations within the EU:
- Risk Management: The Act categorises AI systems based on their risk levels (e.g., unacceptable, high, limited, and minimal risk) and imposes stricter regulations on higher-risk applications. This ensures that AI systems that could significantly impact safety or fundamental rights are subject to rigorous oversight
- Transparency and Accountability: The Act mandates transparency requirements, such as informing users when they are interacting with an AI system. This helps build trust and ensures that users are aware of AI’s role in decision-making processes
- Ethical Standards: The Act promotes the development of AI in alignment with EU values, including respect for human dignity, privacy, and non-discrimination. This encourages the creation of AI systems that are ethical and socially responsible.
- Innovation and Investment: By providing clear regulations, the Act aims to foster innovation and investment in AI technologies within the EU. It creates a predictable environment for businesses to develop and deploy AI solutions, knowing they are compliant with EU standards.
- Collaboration and Engagement: The Act encourages collaboration between public and private sectors, as well as engagement with stakeholders, to ensure that AI development is inclusive and considers diverse perspectives.
Overall, the EU AI Act is designed to balance the benefits of AI innovation with the need to protect fundamental rights and ensure safety, leading to more mindful and responsible operations across the EU.
Why its not just another tick box exercise for the EU AI Act
Whilst the EU AI Act is ultimately of course new regulation which needs to be met, it really shouldn’t be viewed as “just another tick box exercise”. AI can and will bring many benefits and efficiencies to organisations. Though, like all things data related, there are a few key principles that must be adhered to so that the benefits of AI can be realised.
For a number of years organisations have strived to be data driven so that data can inform business decisions and provide insight as to what to do next. Good data quality is imperative if data is going to be relied on for these purposes.
The same is true for AI. A solid understanding and control around data that is used with AI is critical as we introduce AI to automate and reduce the workload on our colleagues. We take precious time to validate and vet individuals when recruiting new colleagues, to make sure they are the right fit and are going to move the organisation in the right direction. The same care and attention must be adopted when integrating AI into an organisation.
All aspects of the EU AI Act are aimed at putting in place the foundations so we can have both trust in the use cases we adopt AI for and collaborate to share learnings and understandings regarding the power of AI.
How does EU AI Act feed into good Data Governance?
There are several key mechanisms of the Act that play a crucial role in promoting good data governance:
High-Quality Data Requirements
The Act mandates that high-risk AI systems must be developed using high-quality data sets for training, validation, and testing. This ensures that the data used is accurate, relevant, and free from biases.
Transparency and Accountability
The Act requires AI developers to maintain detailed documentation and logs of their AI systems. This transparency helps in tracking the decision-making processes of AI systems and ensures accountability.
Risk Management
The Act classifies AI systems by risk levels (unacceptable, high, limited, minimal) to ensure appropriate safeguards, particularly for health, safety, and fundamental rights. Even low-probability errors with serious consequences fall into the high-risk category.
Harmonised Standards
The Act promotes the development of harmonised technical standards across the EU. These standards help in creating a consistent framework for AI development and deployment, ensuring that all AI systems meet the same high standards of data governance.
Governance Framework
The Act establishes a two-layer governance framework at both the EU and national levels. This framework ensures that the implementation of the Act is harmonised across the EU while allowing member states to designate competent bodies for effective enforcement.
Data Governance
The act poses questions about the learning dataset – is it diverse and unbiased – where is the training data sourced from, and how does it affect the outcomes of the model? There could be legal repercussions if the model is trained on a biased or unrepresentative dataset. Strong data governance on all data involved in the AI landscape is key to understanding the source, quality and ownership of the training data.
These measures collectively enhance the reliability, transparency, and accountability of AI systems, leading to better data governance.
Most organisations are still not fully GDPR compliant, with data lifecycle management being the number one issue cited for non-compliance. AI adoption is high on the list of most organisations’ strategic objectives, so these new regulations are very likely to impact your organisation.
Penalties
The EU AI Act entered into force on August 1, 2024, but most provisions will apply after a two-year implementation period. Penalties range from up to €7.5 million or 1.5% of the company’s total worldwide annual turnover for incorrect data all the way to €35 million or 7% of the company’s total worldwide annual turnover, whichever is higher for prohibited practices.
Reach out to one of our data SMEs if you are struggling with the EU AI Act, AI adoption, AI Governance, Data Governance or Data Quality.