Facial recognition set to be constrained in Europe
Facial recognition and other highrisk artificial intelligence applications will face strict constraints under new rules unveiled by the European Union that threaten hefty fines for companies that don’t comply.
The European Commission, the bloc’s executive body, yesterday proposed measures that would ban certain AI applications in the EU, including those that exploit vulnerable groups, deploy subliminal techniques or score people’s social behaviour.
The use of facial recognition and other real-time remote biometric identification systems by law enforcement would also be prohibited, unless used to prevent a terror attack, find missing children or tackle other public security emergencies.
Facial recognition is a particularly controversial form of AI.
Civil liberties groups warn of the dangers of discrimination or mistaken identities when law enforcement uses the technology, which sometimes misidentifies women and people with darker skin tones.
European Digital Rights (EDRi) has warned against loopholes for public security exceptions use of the technology.
Other high-risk applications that could endanger people’s safety or legal status – such as self-driving cars, employment or asylum decisions – would have to undergo checks of their systems before deployment and face other strict obligations.
The measures are the latest attempt by the bloc to leverage the power of its vast, developed market to set global standards that companies around the world are forced to follow, much like with its General Data Protection Regulation.
The US and China are home to the biggest commercial AI companies – Google and Microsoft, Beijing-based Baidu, and Shenzhen-based Tencent – but if they want to sell to Europe’s consumers or businesses, they may be forced to overhaul operations.
Key points:
Fines of 6% of revenue are foreseen for companies which don’t comply with bans or data requirements.
Smaller fines are foreseen for companies which don’t comply with other requirements spelled out in the new rules.
Legislation applies to developers and users of high-risk AI systems.
Providers of risky AI must subject it to a conformity assessment before deployment.
Other obligations for high-risk AI includes use of high-quality datasets, ensuring traceability of results and human oversight to minimise risk.
The criteria for “high-risk” applications includes intended purpose, the number of potentially affected people, and the irreversibility of harm.
AI applications with minimal risk such as AI-enabled video games or spam filters are not subject to the new rules.
National market surveillance authorities will enforce the rules.
EU to establish board of regulators to ensure harmonised enforcement across Europe.
Rules would still need approval by the European parliament and the bloc’s member states, a process that can take years.
Facial recognition is a controversial form of AI