In recent months, the UK and EU data protection authorities have focused on artificial intelligence (AI) regulation and guidance. See the March 2021 issue of DWF Data Protection Insights for our report on the ICO (the UK Information Commissioner's Office) AI and data protection risk mitigation and management toolkit, click here to read our article about the EU data protection authorities' call for a ban on the use of AI for automated recognition of human features in publicly accessible spaces and here to read our article about the European Commission's proposal for an AI Regulation.
On 29 June the Civil Liberties Committee of the European Parliament adopted a report on the use of AI in law enforcement and the judiciary. While the report focuses on the use of AI in those sectors, the issues flagged and the committee's demands have wider application:
- the potential for bias and discrimination in the algorithms on which AI and machine-learning systems are based;
- AI should not be used to predict behaviour based on past actions or group characteristics;
- the use of biometric details like gait, fingerprints, DNA or voice to recognise people in publicly accessible spaces;
- law enforcement bodies using private facial recognition databases;
- assigning scores to citizens based on AI; and
- using facial recognition for identification, until such systems comply with fundamental rights.
On 25 June the European Commission's AI Watch published a report that monitors the AI national strategies of all EU countries plus Norway and Switzerland (but not the UK) and focuses on areas of cooperation for:
• strengthening AI education and skills;
• supporting research and innovation to drive AI developments into successful products and services, improving collaboration and networking;
• creating a regulatory framework to address the ethics and trustworthiness of AI systems; and
• establishing a cutting-edge data ecosystem and ICT infrastructure.
On 1 July Slovenia took over presidency of the Council of the EU for 6 months and announced that one of its priorities is the ethical use and development of artificial intelligence. While the UK has left the EU, it will have to comply with EU rules when processing the personal data of individuals in the EEA, and the UK government is currently scrutinising all aspects of AI. See the March 2021 issue of DWF Data Protection Insights, where we reported on DCMS's new national AI strategy, as well as flagging the Intellectual Property Office's call for views on the relationship between AI and intellectual property, and the Trades Union Congress's reports about the use of AI in employment relationships. At an international level, the Organisation for Economic Cooperation and Development (OECD) has recently published a report on the state of implementation of the OECD AI Principles and the World Health Organisation (WHO) has issued a global report on AI in health and six guiding principles for its design and use.
We will continue to monitor developments and report on the implications for UK businesses. In the meantime, if you want advice on the data protection aspects of AI, please contact one of our specialist lawyers.