AI Act Approved, What Shall Companies Do Now?

The European Parliament has?officially approved ?the EU AI Act, the first legislation on artificial intelligence. Minor changes to the text will be implemented in the coming months, so we need to wait before reviewing the final wording of the regulation.

It is an interesting period since clients have requested our review of AI systems, and their follow up question is whether the AI Act should be considered as part of the review. Obviously, clients are always right! Can they afford to launch an AI system that is not AI Act compliant now?

Below are my recommendations on what companies should do now because of the upcoming AI Act:

1. ?Map the already used systems that could qualify as AI systems?– The definition of artificial intelligence systems is very broad, and it does not include only general-purpose AI systems. A due diligence shall be performed internally to qualify them properly;
2. Include, in contracts with suppliers, obligations to comply with the AI Act and renegotiate existing contracts?– Companies are already including in contracts a clause requesting to comply with the AI Act. Considering the investment in terms of time, cost, and effort to implement an AI system, no business can afford to be obliged to either dismiss it or at least retrain it once an AI system is in operation;
3. Adopt internal technical and operational policies to regulate the use of AI?– The EU AI Act provides different obligations depending on the type of AI system. It is paramount that any business has a system of internal governance on the usage of AI systems and their review and approval. This internal framework is also necessary to prevent employees use AI systems that are publicly available with no control, exposing the company to high risks;
4. Implement solutions to ensure compliance with privacy and IP regulations?– The usage of AI systems is not only regulated by the EU AI Act. Privacy authorities in the EU, particularly the Italian data protection authority, the Garante, have already initiated investigations and issued GDPR fines against providers of artificial intelligence systems. Likewise, significant disputes arose in the United States for breach of intellectual property rights through AI systems;
5. ?Adopt an AI Act Compliance Tool?– The policies mentioned above shall be accompanied by a methodology to assess compliance; otherwise, they remain generic principles that risk being ignored. At DLA Piper, we have developed a legal tech tool, PRISCA AI Compliance, which can considerably support companies in their AI compliance program. You can watch a video?HERE ?and reach out to us to know more;
6. Protect internal trade secrets and confidential information?– The recent scandals on the disclosure of confidential information and trade secrets, including strings of code pasted in publicly available artificial intelligence systems, show that a complete compliance program requires the implementation of technical and organizational measures aimed at limiting abuses by employees; and
7. Train your employees; otherwise, any AI project will vanish. Any of the measures referred to above are likely not enough if they are not supported by a culture of AI compliance within the company. To this purpose, companies shall adopt the previously mentioned policies and run internal training to spread a higher awareness of the potential benefits and risks.

What is your view on the above? Do you need to know the essentials of the EU AI Act in a short and easy to read and remember format? You can find it HERE

New Italian Rules on the Online Gambling Regime and Licenses Approved

The Italian Board of Ministries has approved the new rules setting out the legal framework for online gambling in Italy, including the regime for the award of new remote gaming licenses. Read more

Google’s Gemini Scandal: A Wake-Up Call for an Algorithmic Impact Assessment on AI systems

The recent Google’s Gemini scandal and its potential biases has thrust the importance of a rigorous Algorithmic Impact Assessment (AIA) for artificial intelligence (AI) systems into the spotlight. Read more

Summary of AI Act

My great DLA Piper ‘s legal design colleagues?Deborah Paracchini ?and?Enila Elezi turned my original article into a very compelling piece that provides all the fundamental elements of the AI Act. It is available HERE

Prisca AI Compliance

Prisca AI Compliance is turn-key solution to assess the maturity of artificial intelligence systems against the AI Act, privacy regulations, intellectual property rules and much more providing a score of compliance and identifying corrective actions to be undertaken. Read more

Transfer - DLA Piper legal tech solution to support Transfer Impact Assessments

This presentation shows DLA Piper legal tech tool named "Transfer" to support our clients to perform a transfer impact assessment after the Schrems II case. Read more

DLA Piper Turnkey solution on NFT and Metaverse projects

You can have a look at DLA Piper capabilities and areas for NFT and Metaverse projects. Read more