Classification of AI under EU AI act

Posted on April 6, 2024 by Vijayashankar Na

(Continuation of Previous Article)

Having discussed the definition of AI and the applicability of EU AI Act in broad terms in the two previous articles, let us continue our discussion on “Classification of AI” under EU AI Act which is important from the point of view of “Risk Assessment”.

For the purpose of compliance EU AI Act defines AI systems with the following classification

1.Prohibited Systems (Title II-Article 5)

2.High Risk Systems( Title III-Article 6,7)

3. Limited Risk Systems

4. Minimal Risk systems

5.General Purpose AI Model (Title VIIIA, Article 52a)

This classification is based on “Risk Assessment”. Prohibited systems are those AI systems which present an “Unacceptable Risk”. In making the assessment of “Risk” one needs to look at the “Harm” caused to the end users of the AI systems namely the people.

As per Article 1.1,

the purpose of this Regulation is to improve the functioning of the internal market and promoting the uptake of human centric and trustworthy artificial intelligence, while ensuring a high level of protection of health, safety, fundamental rights enshrined in the Charter, including democracy, rule of law and environmental protection against harmful effects of artificial intelligence systems in the Union and supporting innovation.

The term “Harm” under the Act therefore includes all adverse effect on “Functioning of internal market” besides “Promoting human centric and trustworthy artificial intelligence”. Any thing that affects the protection of health, safety, fundamental rights, rule of law, environmental protection etc will be considered as “harm” under the Act.

When we apply the AI law to “Personal Data Protection” we look at only the harm caused to the individuals. But EU Act appears to expand it’s scope to the economic environment and more particularly the EU Geographic space.

This also means that the “Extra Territorial” application of the penalty clauses are also limited to the adverse impact that may be caused within the Union. Hence if there is an AI system in India that does not impact the EU, the compliance to EU-AI act is redundant. Hence if organizations need to consider ISO 42001 certification for their AI systems which have a foot print only in India, it may be considered as redundant. What is more relevant is the compliance to ITA 2000/DPDPA which is addressed by a DGPSI audit and not ISO 42001 audit.

Now we shall explore Article 5 which defines the “Unacceptable Risks” or “Prohibited AI practices”.

According to Article 5.1, the unacceptable risks include

(1)AI system that deploys subliminal techniques beyond a person’s consciousness or purposefully manipulative or deceptive techniques, with the objective to or the effect of materially distorting a person’s or a group of persons’ behaviour by appreciably impairing the person’s ability to make an informed decision, thereby causing the person to take a decision that that person would not have otherwise taken in a manner that causes or is likely to cause that person, another person or group of persons significant harm.

(2)AI system that exploits any of the vulnerabilities of a person or a specific group of persons due to their age, disability or a specific social or economic situation, with the objective to or the effect of materially distorting the behaviour of that person or a person pertaining to that group in a manner that causes or is reasonably likely to cause that person or another person significant harm;

(3)use of biometric categorisation systems that categorise individually natural persons based on their biometric data to deduce or infer their race, political opinions, trade union membership, religious or philosophical beliefs, sex life or sexual orientation. (This prohibition does not cover any labelling or filtering of lawfully acquired biometric datasets, such as images, based on biometric data or categorizing of biometric data in the area of law enforcement;)

(4)AI systems for the evaluation or classification of natural persons or groups thereof over a certain period of time based on their social behaviour or known, inferred or predicted personal or personality characteristics, with the social score leading to either or both of the following:

(i) detrimental or unfavourable treatment of certain natural persons or whole groups thereof in social contexts that are unrelated to the contexts in which the data was originally generated or collected;

(ii) detrimental or unfavourable treatment of certain natural persons or groups thereof that is unjustified or disproportionate to their social behaviour or its gravity;

(5)the use of ‘real-time’ remote biometric identification systems in publicly accessible spaces for the purpose of law enforcement unless and in as far as such use is strictly necessary for one of the following objectives:
(i) the targeted search for specific victims of abduction, trafficking in human beings and sexual exploitation of human beings as well as search for missing persons;
(ii) the prevention of a specific, substantial and imminent threat to the life or physical safety of natural persons or a genuine and present or genuine and foreseeable threat of a terrorist attack;
(iii) the localisation or identification of a person suspected of having committed a criminal offence, for the purposes of conducting a criminal investigation, prosecution or executing a criminal penalty for offences, referred to in Annex IIa and punishable in the Member State concerned by a custodial sentence or a detention order for a maximum period of at least four years. This paragraph is without prejudice to the provisions in Article 9 of the GDPR for the processing of biometric data for purposes other than law enforcement.

(6)use of an AI system for making risk assessments of natural persons in order to assess or predict the risk of a natural person to commit a criminal offence, based solely on the profiling of a natural person or on assessing their personality traits and characteristics. (This prohibition shall not apply to AI systems used to support the human assessment of the involvement of a person in a criminal activity, which is already based on objective and verifiable facts directly linked to a criminal activity;)

(7) use of AI systems that create or expand facial recognition databases through the untargeted scraping of facial images from the internet or CCTV footage;

(8)use of AI systems to infer emotions of a natural person in the areas of workplace and education institutions except in cases where the use of the AI system is intended to be put in place or into the market for medical or safety reasons.

It may be observed that the Act provides several exemptions for the use of the prohibited systems by law enforcement authorities. Such use may however may be subject to some conditions and required to be reported to the Commission in annual reports.

Let us continue our discussion on other classifications of Risk based AI systems in the next article.

Naavi

 

Posted in Cyber Law | Tagged | Leave a comment

Applicability and Non-Applicability of EU-AI Act

Posted on April 5, 2024 by Vijayashankar Na

(continuation from the previous Article)

In order to look at the compliance requirements under EU-AI act, we need to first understand what is AI, what is the role of our organization under EU-AI act and what is the classification of the AI system.

We have discussed the definition of AI in our previous article.

In this article which may need some extensions, we shall explore the roles to which the EU-AI act is applicable, which is available through Article 1 .

Under Article 2.1 the Act is applicable to 

(a) providers placing on the market or putting into service AI systems or placing on the market general-purpose AI models in the Union, irrespective of whether those providers are established or who are located within the Union or in a third country;

(b) deployers of AI systems that have their place of establishment or who are located within the Union;

(c) providers and deployers of AI systems that have their place of establishment or who are located in a third country, where the output produced by the system is used in the Union;

(ca) importers and distributors of AI systems;

(cb) product manufacturers placing on the market or putting into service an AI system together with their product and under their own name or trademark;

(cc) authorised representatives of providers, which are not established in the Union;

(cc) affected persons that are located in the Union.

It is observed from the above scope that organizations who may be developers of AI in India whose products are accessible in EU either because the developer exports the products to importers in EU, or runs a website accessible from EU or directly operates in EU and offers the service may be coming under the Act.

Article 2.2 states that this Act is applicable in the following circumstances

For AI systems classified as high-risk AI systems in accordance with Articles 6(1) and 6(2) related to products covered by Union harmonisation legislation listed in Annex II, section B only Article 84 of this Regulation shall apply.

 Article 53 shall apply only insofar as the requirements for high-risk AI systems under this Regulation have been integrated under that Union harmonisation legislation.

However the subsection Article 2.3 states

“This Regulation shall not apply to areas outside the scope of EU law and in any event shall not affect the competences of the Member States concerning national security, regardless of the type of entity entrusted by the Member States to carry out the tasks in relation to those competences.”

“This Regulation shall not apply to AI systems if and insofar placed on the market, put into service, or used with or without modification of such systems exclusively for military, defence or national security purposes, regardless of the type of entity carrying out those activities.”

“This Regulation shall not apply to AI systems which are not placed on the market or put into service in the Union, where the output is used in the Union exclusively for military, defence or national security purposes, regardless of the type of entity carrying out those activities.”

The subsection Article 2.4 states

” This Regulation shall not apply to public authorities in a third country nor to international organisations falling within the scope of this Regulation pursuant to paragraph 1, where those authorities or organisations use AI systems in the framework of international cooperation or agreements for law enforcement and judicial cooperation with the Union or with one or more Member States, under the condition that this third country or international organisations provide adequate safeguards with respect to the protection of fundamental rights and freedoms of individuals.

the subsection Article 2.5 states

“This Regulation shall not affect the application of the provisions on the liability of intermediary service providers set out in Chapter II, Section 4 of Directive 2000/31/EC of the European Parliament and of the Council[*] [as to be replaced by the corresponding provisions of the Digital Services Act].”

[*] Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (‘Directive on electronic commerce’) (OJ L 178, 17.7.2000, p. 1)

The Article 2.5a states

This Regulation shall not apply to

AI systems and models, including their output, specifically developed and put into service for the sole purpose of scientific research and development.

(However) Union law on the protection of personal data, privacy and the confidentiality of communications applies to personal data processed in connection with the rights and obligations laid down in this Regulation.

This Regulation shall not affect Regulations (EU) 2016/679 and (EU) 2018/1725 and Directives 2002/58/EC and (EU) 2016/680, without prejudice to arrangements provided for in Article 10(5) and Article 54 of this Regulation.

The subsection Article 2. 5b states

5b. This Regulation shall not apply to any research, testing and development activity regarding AI systems or models prior to being placed on the market or put into service; those activities shall be conducted respecting applicable Union law. The testing in real world conditions shall not be covered by this exemption.

This Regulation is without prejudice to the rules laid down by other Union legal acts related to consumer protection and product safety.

The subsection Article 2 5c states

5c. This Regulation shall not apply to obligations of deployers who are natural persons using AI systems in the course of a purely personal non-professional activity.

The subsection Article 2 5e (5d missing) states

5e. This Regulation shall not preclude Member States or the Union from maintaining or introducing laws, regulations or administrative provisions which are more favourable to workers in terms of protecting their rights in respect of the use of AI systems by employers, or to encourage or allow the application of collective agreements which are more favourable to workers.

The subsection Article 2 5g (5f missing) states

5g. The obligations laid down in this Regulation shall not apply to AI systems released under free and open source licences unless they are placed on the market or put into service as high-risk AI systems or an AI system that falls under Title II and IV.

As one can observe,each of the above sub clauses need to be explored independently which we shall do so in subsequent articles.

If we look at how DGPSI tries to address similar concerns, we bank upon the legal provisions in India under ITA 2000 (Section 11) which provides that the actions of an automated system is attributable to the “Controller” of the system.

Hence under DGPSI if we identify any automated system which may be classified as AI or Generative AI etc., we try to identify whether the Data Fiduciary is in control of the means of processing. If he does not know what the AI code is doing, the AI developer or deployer is considered a “Joint Data Fiduciary” and all responsibilities for compliance of DPDPA 2023 lies with  him along with the liabilities for which the contract should provide an indemnity clause. Where the deployer is ready to disclose the code or give an assurance that the means of finance  is  exactly what the data fiduciary prescribes and is auditable by him, the deployer may be considered as a “Data Processor”.

DGPSI recommends business end-to end compliance and hence the issue of role definition for AI deployment from the perspective of the user data fiduciary should be settled at the time of approving a vendor or buying of a  software system.

Also, unlike EU-AI act which applies to both personal and non personal data, under DGPSI we look at systems which process personal data and in case of the developer or vendor we expect them to be able to certify that their AI is a “DPDPA Compliant AI”. The AI-DTS system is being developed as a system to evaluate the compliance maturity of the AI product.

(P.S: Readers would appreciate that these are pioneering concepts and are under development and continual improvement. The professional community is welcome to join hands with Naavi in developing these  concepts further.)

Naavi

Posted in Cyber Law | Leave a comment

Defining of AI: DGPSI approach

Posted on April 4, 2024 by Vijayashankar Na

(Continued from previous article: Impact of EU AI Act on India)

EU AI Act expects that “Providers”, “Deployers” and other “Trade intermediaries” shall be bound by the law (Effective from 2026).

The compliance to EU-AI act starts with flagging a “Product” or “Service” as “AI Product/Service”. Hence the definition of what constitutes an “AI System” becomes key to the compliance.

According to Article 3(1)

‘AI system‘ is a machine-based system designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments;

Though the compliance is based on the “Risk Assessment”, the applicability at the foundation stage is guided by this definition. (Other aspects of applicability are who is the user and where it is being used).

The ISO 420o1 is made applicable to an “AI management system” (AIMS) but does not clearly define how an organization can identify which part of its business is AI and which is not. It adopts ISO/IEC 22989:2022 for definition which vaguely defines Artificial intelligence as

an engineered system set of methods or automated entities that together build, optimize and apply a physical, mathematical, or otherwise logical representation of a system, entity, phenomenon, process or data  so that the system can, for a given set of predefined tasks compute predictions, recommendations, or decisions”.

It is important for us to realize that at the umbrella level, all software systems are “Intelligent”. But the intelligence of a software system is limited to the instructions already embedded as the “Code”. The software therefore is a faithful servant that remembers the instructions and executes it based on the context.

An AI is a special software which has two key characteristics namely “Autonomy” and “Adaptiveness” as stated in the EU-AI definition. The ISO 42001 definition only speaks of “Predictions” and “Decisions” as terms that can be attributed to the nature of AI as different from other software.

In contrast the definitions arising from organizations like UNESCO which focus on the impact of AI on people recommend that

“AI systems are systems which have the capacity to process data and information in a way that resembles intelligent behaviour, and typically includes aspects of reasoning, learning, perception, prediction, planning or control.”

Taking these three definitions into consideration DGPSI adopts the following definition for AI.

Definition of AI under DGPSI

AI is a class of automated data processing system where the human intervention in decision output and application of decision to a business decision is below an acceptable threshold.

In order to define the threshold, three classes of AI are recognized as part of the definition.

Class 1:

Any software that has a Code correcting ability without the intervention of a human developer to generate an output is considered as an AI system-Class 1.

Class 2:

Any AI system that automatically implements a decision affecting a human is considered as AI system- Class 2

Class 3:

Any system that reacts to the human emotions, capable of creative outputs, including generative AI  and is considered as AI system- Class 3

This definition includes the “Autonomy” and “Adaptiveness” of the EU-AI act and “Predictiveness” , “Automated decision making” in the ISO 42001 and the “Human like behaviour” of the UNESCO definition. The sub classifications also take into account the “Risk Perceptions” such as “Unsupervised Machine Learning”, “Bias in automated decision making” and “Hallucination and rogue behaviour”.

The first task of compliance is therefore to label a software system as “AI System” using this definition.

PS: 

Under DGPSI (Digital Governance and Protection Standard of India) we define the DGPMS (Digital Governance and Protection Management System) and apply “Compliance By Design” principles. 

The DGPMS is an integration of PIMS, ISMS (Personal Data Processing) and AIMS (personal data processing). 

The AIMS under DGPMS is a sub system which is either a Joint Data Fiduciary or a Data Processor and compliance requirements are designed accordingly.

Comments are welcome.

Naavi

Posted in Cyber Law | Leave a comment

Impact of EU AI Act on India

Posted on April 3, 2024 by Vijayashankar Na

“Extra territorial Jurisdiction” was one of the aspects of GDPR which created a scare in the Indian industry in 2018. This was also the reason for the birth of FDPPI the organization which has today grown to be a premier Privacy and Data Protection organization in India.

Today the EU-AI act is threatening to be another more potent legislation of the EU that could have an adverse impact on the Indian IT industry.

As regards GDPR, the Indian industry so far has not been much affected since it is working under the radar as “Processors” to a “Controller in EU”. The SCC which were tightened after the Schrems judgement got rationalized after the EU-US Privacy framework adoption.

However EU-AI act appears to be re-igniting the controversies of an attempt by EU to create global hegemony though the Act and it’s penalty clauses.

EU commission has established “The European AI Office” and will be the regulator for the Act. The first point we need to note about the EU-AI act is the penalty clause (Article 70).

According to Article 70,

a) non compliance with the prohibition of the AI practices referred to in Article 5 shall be subject to administrative fines upto Euro 35 million or 7% of the Worldwide turnover whichever is higher

b) non compliance of an AI system with any of the provisions other than in Article 5, as laid down in Article 16, 25, 26, 27, 29 (para 1 to 6a), Articles 33, 4(1),34(3),34 (4), 34a, and 52 may result in administrative fines upto Euro 15 million or upto 3% of worldwide turnover

c) Supply of in-corrrect, incomplete or misleading information in reply to a request may result in administrative fine upto Euro 7.5 million or 1% of total worldwide annual turnover

d) In case of SMEs the administrative fine will be the lower of the above..

Scope of the Act

Article 2 defines the scope of the Act . The essence of the scope in brief are indicated below. (An in-depth discussion of the applicability will follow)

According to article 2.1, the regulation applies to

a) Providers placing a product or service in the Union irrespective of whether they are established or located within the Union or not.

b) Deployers of AI systems that have their place of establishment or who are located within the Union

c) Providers and deployers of AI systems that have their place of establishment or location in a hird country where the output produced is used in the Union.

d) Importers and distributors of AI systems

e) Importers and distributors of AI systems

f) product manufacturers placing their product under their own name and trademark

g) authorized representatives of providers which are not established in the Union.

h) affected persons that are located in the Union

This regulation shall not apply to areas outside the scope of EU law and matters concerning national security, scientific research etc

This Regulation shall not affect the application of the provisions on the liability of intermediary service providers set out in Chapter II, Section 4 of Directive 2000/31/EC of the European Parliament and of the Council [as to be replaced by the corresponding provisions of the Digital Services Act].

This Regulation shall not apply to obligations of deployers who are natural persons using AI systems in the course of a purely personal non-professional activity.

The obligations laid down in this Regulation shall not apply to AI systems released under free and open source licences unless they are placed on the market or put into service as high-risk AI systems

Though the Act is considered as a “Risk Based” system nd technology neutral it defines the AI system as follows:

‘AI system‘ is a machine-based system designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments;

The general reading of the Act implies that Indian software developers placing their products and services in the EU Union either directly or through distributors etc need to be aware of the need to cover the risks.

(More discussions will follow…continued)

Naavi

Reference

EU Commission-AI

Posted in Cyber Law | Leave a comment

MOU with iLET Solutions

Posted on March 30, 2024 by Vijayashankar Na

An MOU was signed between Ujvala Consultants Pvt Ltd as training partner of FDPPI and iLET Solutions Private Limited, an e-Learning platform to provide Learning Management solutions for the different online training programs conducted by Cyber Law College. Mr Ashok Kini, partner Klickstart Solutions and Director FDPPI (Chapter Activity Coordination Committee) and Suresh Balepur, President Bangalore Chapter of FDPPI were present during the occasion.

iLET Solutions was founded in 2018 and offers a wide range of blended learning courses for talent development and enrichment across all age groups. 

Mr Mayank Jaiswal, the Co-Founder and Director executed the MOU which enables FDPPI and Cyber Law College to host the Certification programs on the platform under the URL “Learnwyse.com” .

ILET will also host “Jnaana Bhandar” which is the video repository of FDPPI events which is part of the continuing education of the members. FDPPI will launch the “Jnaana Bhandar” as part of its “Content Membership” program where professionals can subscribe to the different videos produced during FDPPI knowledge sessions and events which should be useful reference information.

Naavi

Posted in Cyber Law | Leave a comment

Hacker’s Attack Indian National Digital Assets

Posted on March 30, 2024 by Vijayashankar Na

Several Indian Government Entities and energy companies were targeted by unknown threat actors leading to suspected theft of sensitive data both personal and non personal.

Report in the hackernews.com suggests that the information stealing code was delivered through a phishing email concealed as an “Invitation Letter from the Indian Airforce”. Data waas exfiltrated through Slack channels.

The incident should be registered as a “Cyber Terror” activity and potential link to the current political scenario in the country should be investigated.

Naavi

Posted in Cyber Law | Leave a comment