$ 100 million fine just starts EU also wants to define AI “high risk areas”

On January 20, DLA Piper Law Firm issued a report on the state of data protection in the European Union. The report shows that since the publication of the General Data Protection Regulation (GDPR) in 2018, the European Union has collected fines of 114 million euros (about $ 126 million ). For the EU, however, all this is just the beginning.

DLA Piper’s network and data protection partner Ross McKean  told CNBC that the EU is still in the early stages of law enforcement and “more tickets will be issued in the future.”

For data regulators, data leakage is the focus of privacy protection efforts. From May 2018 to January 2020, the EU received 160,921 notifications of personal data breaches.

In the case of the Marriott International Hotel, since 2014, the data of nearly 400 million customers has been leaked due to hacking. In July 2019, a US $ 123 million fine issued by the British Data Supervisory Authority (ICO) for the Marriott Hotel is still pending.

Elizabeth Denham, the UK information commissioner, said in a statement: “Personal data has real value, so organizations have a legal obligation to ensure their security, just as they protect any other asset. If we fail to do so, Strong action will be taken without hesitation when necessary to protect public rights. “

In January 2019, the French data regulator (CNIL) imposed a penalty of $ 57 million on Google for violating GDPR, the highest amount of fines ever paid by GDPR.

Comparison chart of fines in EU countries since GDPR came into effect. Source: DLA Piper

However, fines are not the only way to regulate data issues in the EU. Recent documents show that the European Commission is considering a new legal framework to enforce stricter regulation of artificial intelligence (AI) technologies that rely heavily on data.

On January 17, the European media EURACTIV received the draft EU 2020 AI white paper. The draft states that the EU needs to encourage AI development in its own way, and more importantly, to establish a legal framework to address the negative impacts and legal liabilities of AI.

For example, for the large-scale application of face recognition technology in public places, the European Union believes that a comprehensive ban of 3 to 5 years can be considered to “determine and evaluate the impact of this technology and possible risk management measures.”

In response, Wang Xinrui, a senior partner of Beijing Anli Law Firm, told Interface News:

“A lot of people have misunderstood this report. In fact, the focus of this white paper is on the European Commission ’s five-point proposal for the future European AI regulatory framework.

 

Although the Commission believes that it may be considered to disable face recognition technology in public for a period of time However, in fact, they also acknowledge that such a ban could have far-reaching effects and may seriously hinder the development of this technology. Therefore, the Committee advocates that at this stage, it should be implemented in accordance with the regulatory framework of the GDPR. “

Artificial intelligence technology to focus on new media platforms, “New Ji-won,” believe (EU) ban on face recognition, if implemented, will inevitably Hikvision, Shang Tang, open view, according to the map, from the cloud and other Chinese enterprises have an impact. Some people in the industry believe that China’s face recognition algorithm has the highest accuracy rate in the world and is expected to become the world’s largest face recognition market.

In addition to face recognition technology, the European Commission also gave a preliminary definition of “high-risk areas” for AI in a white paper. The so-called “high risk” refers to “the significant risks to the individual or entity in terms of law or body when applying AI technology”.

The European Union believes that in the “high-risk areas” such as health care, transportation, police enforcement, and judicial decisions, the use of AI technology may need to comply with additional legal requirements to protect the basic rights of individuals.

In fact, Article 22 of the GDPR clearly states that data owners have the right not to accept major decisions made entirely by AI automation unless certain special circumstances are met. This proposal of the European Commission, if passed, will have a major impact on AI technology companies such as smart medical, autonomous driving, and crime prediction.

However, the regulatory recommendations made in this white paper are still a long way from the implementation regulations. Cao Jianfeng, a senior researcher at Tencent Research Institute, told Interface News:

“These proposals have not yet reached the legislative stage, and they are a preliminary solution research. If it reaches a more mature stage, the European Commission will propose specific directives or regulations so that it will enter the legislative agenda.”

At the same time, Cao Jianfeng also believes that in the face recognition technology regulation, the British attitude is more rational and is not completely banned. Instead, it requires the establishment of mandatory rules and high legal thresholds to fully balance the interests of all parties, that is, law enforcement agencies must provide There is sufficient evidence to prove that the use of face recognition technology in each specific scene is strictly necessary, effective, and consistent with the principle of balance of interests and the principle of proportionality.

As for the increasingly strict data protection tendency, many critics believe that this trend hinders EU innovation in the field of AI. However, the latest data show that Britain, which has always played an important role in the EU’s AI strategy, is overtaking China and the United States as the center of global technology investment.

In 2019, venture capital investment by British technology companies has surged 44%, outpacing the US and China.

According to new figures from the Digital Economy Council of the United Kingdom, global investment in British technology companies in 2019 is about 13.2 billion US dollars, accounting for about one-third of all European technology investment, ranking third in the world after China and the United States.

Data compiled by Tech Nation and Dealroom.co also show that London is a leader in generating unicorn sales (valued at more than $ 1 billion), generating 46 unicorn companies in the past 30 years.

“These bright new figures show the strength of the UK technology industry, which is the” sweet zone “of our economy. Our technology companies have not only won the confidence of global investors but also creating new jobs and wealth across the UK. “

The British experience shows that a relatively strict data privacy legislation environment is not necessarily a decisive factor in stifling technological innovation. Establishing a fully trusted innovation environment between the data subject and the enterprise may be more attractive for investment.

Scientific and technological innovation has brought profound changes to society and even threatened the definition of human nature. At the forthcoming Winter Davos Annual Conference, “Technology for Good” is one of the seven themes, and experts will discuss related topics.

In the AI ​​era, how to find the perfect balance between technological innovation, data rights and social risks will be a topic worth exploring.

Leave a Reply

Your email address will not be published. Required fields are marked *