Will AI regs take a decade to write in EU? History says maybe so

If the speed at which Europe’s General Data Protections Regulation evolved from interesting idea to iconic privacy regime is an indication, gelling efforts to build AI standards might be many years off.

Reuters reported this week on a pair of European parliamentarians who want to build momentum behind GDPR-level regulations for AI generally and facial recognition particularly.

The data protection rules certainly were considered ambitious to some in related industries, but it is possible that lawmakers could push for the ultimate regulation — banning facial recognition.

At the moment, the European Commission is chewing over a draft of regulations. As Reuters reports, a draft would have to be approved by the European Parliament and European Union nations before it can even be voted on.

Facial recognition is looking like a political lightning rod within the movement for AI regulation.

Members of Parliament Dragos Tudorache and Alex Voss are scouting obstacles to regulatory success, and both are focused on facial recognition.

Tudorache told Reuters that the European Commission would prefer it be used by law enforcement agencies for high-stakes crimes like terrorism. He himself has said there is a legitimate role for face biometrics. Likewise, Voss opposes a ban.

Of course, those positions are not exactly defining. The chances that even a minority of EU nations push for a ban are small.

Politicians will have years to find safe (for their political careers) positions on the matter.

The germ of the GDPR dropped almost as soon as its predecessor, Directive 95/6/EC, was signed in 1995 amid grumbling about omissions and short-sighted provisions.

In 2009, the commission held a conference about challenges to privacy. Eighteen months later, commission members approved a strategy for shielding a person’s personal data government-wide while simultaneously greasing the paths for data sharing around the EU.

It was not until 2012 that the commission formally proposed large-scale reform of privacy protections within the directive. What followed was extensive debate, studies and legislative protocols.

It would be another six years until the GDPR saw ink. And just this month, Ireland handed out its first GDPR fine to Limerick for unlawful surveillance operations.

Article Topics

AI  |  biometric identification  |  biometrics  |  Europe  |  facial recognition  |  GDPR  |  legislation  |  privacy  |  regulation  |  surveillance