FB pixel

EU’s provisional AI Act deal limits remote biometrics use after marathon negotiation

EU’s provisional AI Act deal limits remote biometrics use after marathon negotiation
 

After a three-day marathon negotiation, the European Union has finally reached a provisional agreement on the Artificial Intelligence Act.

Late Friday, the European Council and Parliament settled their disputes on the first major framework governing AI, including the use of biometric surveillance by law enforcement, which proved one of the largest stumbling blocks. The final agreement also bans some kinds of biometric categorization and makes online images off-limits for facial recognition databases.

“It was long and intense, but the effort was worth it,” the AI Act’s co-rapporteur Brando Benifei says in a statement.

Despite some lawmakers arguing for a complete ban, negotiators agreed to allow law enforcement the use of remote biometric identification  (RBI) systems in public spaces, under certain conditions. The technology can be deployed with approval from courts and for a strictly defined list of crimes.

Retrospective biometric surveillance can be used strictly for targeted searches of people who are convicted or suspected of serious crimes. Live facial recognition surveillance is limited to certain times and locations and only to search for victims of abductions and trafficking, for terrorism prevention and to search for people suspected of committing serious crimes.

The deal represents a departure from the position the European Parliament adopted in June when lawmakers voted to support a full ban on real-time biometric surveillance.

Aside from biometric surveillance, technologies such as generative AI have also presented a stumbling block. The current deal mandates that foundation models such as ChatGPT and general purpose AI systems (GPAI) comply with transparency obligations before hitting the market.

Business groups criticize heavy compliance burdens

The AI Act also details how businesses can authorize high-risk AI systems to gain access to the EU market. While the EU argues that the draft deal makes it less burdensome, business organizations are arguing the opposite

“The final text largely departs from the sensible risk-based approach proposed by the Commission, which prioritized innovation over overly prescriptive regulation,” the Computer & Communications Industry Association (CCIA Europe) says in a statement.

“The agreed AI Act imposes stringent obligations on developers of cutting-edge technologies that underpin many downstream systems, and is therefore likely to slow-down innovation in Europe,” the group says, adding that the agreement lacks important details.

Business group DigitalEurope has also criticized the rules noting that for a startup of 50 people, compliance would cost around 300,000 euros (US$322,400).

“The new requirements – on top of other sweeping new laws like the Data Act – will take a lot of resources for companies to comply with, resources that will be spent on lawyers instead of hiring AI engineers”

Risks to human rights remain

The final list of bans on AI applications is longer than in the Commission’s original proposal, including biometric categorization systems that use sensitive characteristics, such as political, religious, sexual orientation and race. Untargeted scraping of facial images from the internet or CCTV footage to create facial recognition databases was also banned, and so was emotion recognition in the workplace and educational institutions.

Digital rights groups, however, warn that the current agreement introduces many loopholes that put rights at risk, including allowing AI developers to have a say in whether their systems count as high-risk.

“The EU Parliament managed to introduce a number of key safeguards to improve the original draft text, but Member States still decided to leave people without protection in situations where they would need it most,” rights organization Algorithm Watch says in a statement.

The Friday provisional deal paves the way for the final deal which may be adopted by both Parliament and Council by the end of the year.

Related Posts

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

US discusses ethics of biometric travel

As U.S. lawmakers debate the Traveler Privacy Protection Act, government agencies, including the Transportation Security Administration (TSA), are working on…

 

Nigeria embraces DTCs amid talks on passport-free travel in Africa

The Nigerian federal government has unveiled its intention to adopt digital travel credentials (DTCs), in a bid to streamline the…

 

Prove launches user verification tool with Uber as first client

A new identity verification offering, Prove Verified Users, has been announced to enhance security across digital marketplaces. Its introduction by…

 

ICE to award contract to field more NEC fingerprint capture devices

US Immigration and Customs Enforcement (ICE) intends to award a firm fixed price delivery order under the First Source II…

 

Veriff passes Level 2 biometric PAD evaluation from iBeta

Veriff has completed the ISO/IEC 30107-3 Level 2 Compliance evaluation for biometric passive liveness detection by iBeta. The Estonia-based company…

 

Outdated biometric liveness tests create ‘false sense of security,’ FaceTec argues

Biometrics are replacing legacy knowledge-based authentication for remote and unsupervised authentication scenarios. But the latest liveness detection report from FaceTec…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events