The AIA is extra-territorial
Image created by my non-artificial I.

The AIA is extra-territorial

Mark Sherwood-Edwards Mark Sherwood-Edwards

Mark Sherwood-Edwards

Cutting Edge Lawyering for B2B SaaS

发布日期: 2024年4月11日
+ 关注

One of the things I’m going to do in AI Legal is explain the EU AI Act in bite-sized, easy to digest, chunks.

?Here’s the first chunk.


?Chunk 1: The AIA is extra-territorial

?Like the GDPR, the AIA is extra-territorial, but it’s extra-territorial in a different way.

?The GDPR applied to companies outside the EEA that either aimed their business at people in the EEA or monitored the behaviour of people in the EEA.

?The AIA is a bit simpler, and a lot tougher.

It applies to any AI system (a few exceptions, including scientific research and development AI systems) located outside the EEA, the output of which is used in the EEA. That’s a big change to the GDPR because, for the GDPR to have extra-territorial effect, there had to be some kind of intention behind it.

?Having said that the AIA is not wholly clear.? Here’s the provision in the articles:

?“providers and deployers of AI systems that have their place of establishment or who are located in a third country, where the output produced by the system is used in the Union;”

领英推荐

?No reference to intentionality. But here’s what recital 11 says:

?“this Regulation should also apply to providers and deployers of AI systems that are established in a third country, to the extent the output produced by those systems is intended to be used in the Union.” [emphasis added]

?Go figure. Strangely, given that they are a key part of the clause, neither “output” nor “use” are defined.

?You can work out a definition of “output” from the definition of AI System: “….outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments”.?

?There’s no definition of “use” at all. What if you consider the AI system’s output, but decide not to use it? Does that count as use? Time will tell.

?It’s also worth bearing in mind that the AIA does not supersede any existing legislation. So, if you are located outside the EU and use an AI system to either aim your business at people in the EEA or monitor their behaviour, the GDPR will still apply.

? Catherine Adenle ? Kirk Borne, Ph.D. ?? ?? Barry Scannell Cecilia Ziniti Mark Lewis Bernard Marr


#AI #AIAct #extra-territorial #SaaS


AI Legal AI Legal

AI Legal

1,044 位关注者

订阅

要查看或添加评论,请登录

Mark Sherwood-Edwards的更多文章

  • The unspoken link between the GDPR and the AIA.
    2024年5月24日

    The unspoken link between the GDPR and the AIA.

    There’s an unspoken link between the AIA and the GDPR. One of the key elements of the GDPR is the accountability…

  • 3 types of HRAIS, and "intended purpose".
    2024年5月13日

    3 types of HRAIS, and "intended purpose".

    This is number 4 of a series of bite-sized chunks on the AIA. A previous edition of AI Legal explained that the AIA is…

  • Automated Decision Making
    2024年5月1日

    Automated Decision Making

    Automated Decision Making Both the GDPR and the AIA (despite being primarily a set of rules about product safety) give…

  • Publicly Available is not the same as Free To Use
    2024年4月24日

    Publicly Available is not the same as Free To Use

    LLMs need a lot of data on which to train. But just because material is publicly available on the internet doesn’t mean…

    4 条评论
  • It's all about product safety
    2024年4月22日

    It's all about product safety

    This issue is part of a series: the AI Act in bite-sized chunks. A lot of people think that the AIA is like the GDPR…

  • When you use an LLM, who owns your output? Is it you?
    2024年4月19日

    When you use an LLM, who owns your output? Is it you?

    LLMs create content, as we know. Who owns the content that they create? There’s two levels to this question (leaving…

    3 条评论
  • Will OpenAI be lawful in the EU?
    2024年4月9日

    Will OpenAI be lawful in the EU?

    One of the provisions of the AIA is that providers of general purpose AI systems – like OpenAI’s LLM – must “put in…

    7 条评论
  • GDPR, Schrems 2 and the rule of law
    2022年2月2日

    GDPR, Schrems 2 and the rule of law

    In a recent post (ICO fines Cabinet Office £500,000) I wrote how cheering it was to see the rule of law implemented…

    3 条评论
  • Wirecard, Outsourcing & OpRes
    2020年8月11日

    Wirecard, Outsourcing & OpRes

    When Wirecard collapsed, a number of companies that had outsourced their payments processing to it found themselves in…

  • Software development contracts – the good, the bad, and the ugly.
    2020年8月3日

    Software development contracts – the good, the bad, and the ugly.

    I recently helped a client put in a place a software development contract. It was one of those least worst-case…

    1 条评论

社区洞察

其他会员也浏览了