Congressional AI report lays out regulatory roadmap, addresses privacy, civil rights issues

The long-awaited report of the nearly year-old U.S. Bipartisan House Task Force on Artificial Intelligence should serve as a call to action for addressing the pressing privacy and civil rights challenges that are posed by AI. The report, which is intended to be a blueprint for future actions Congress can take to address advances in AI technologies, highlights the key privacy and civil rights concerns that are directly related to the rapid development and adoption of AI systems.

“AI has tremendous potential to transform society and our economy for the better and address complex national challenges,” the 273-page report states, but it also asserts that “AI can be misused and lead to various types of harm.”

The report contains 66 key findings and 89 recommendations.

While AI offers transformative potential across sectors, its deployment raises significant concerns about data privacy, discrimination, transparency, and accountability, all issues that are critical as the U.S. charts a path toward responsible AI governance. By prioritizing these issues, the report says, the U.S. can lead in the responsible development and deployment of AI systems.

The task force was created in February and has 24 members, twelve Republicans and twelve Democrats, all drawn from 20 committees to ensure comprehensive jurisdictional responsibilities over the numerous AI issues that are addressed “and to benefit from a range of different insights and perspectives.”

One of the primary concerns emphasized in the report is data privacy. AI systems often rely on vast quantities of data, which can include sensitive personal information. The risks of privacy violations are compounded when these systems are employed in government and private-sector settings, the report emphasizes. Current frameworks like the Privacy Act of 1974 provide some protections, but the dynamic and pervasive nature of modern AI technologies necessitates more robust safeguards. This includes addressing concerns over unauthorized data access, ensuring data anonymization, and implementing privacy-by-design principles in AI systems.

The report highlights the fact that “there is no comprehensive U.S. federal data privacy and security law.”

The report underscores how AI can exacerbate existing privacy harms, often leaving individuals with limited avenues for recourse. Missteps in how AI systems collect and utilize data have led to incidents of harm, such as wrongful arrests due to flawed facial recognition systems. Thes types of problems, the report says, demonstrates the dangers of deploying AI without adequate oversight or accountability mechanisms. Such examples have reignited calls for comprehensive federal privacy laws that are both technology-neutral and applicable across various sectors to preempt disparate state regulations.

Soumi Saha, senior vice president of government affairs at health technology company Premier Inc., said the Task Force’s recommendations “are in lockstep with Premier’s long-standing advocacy for sensible regulatory guardrails for health AI. Premier appreciates the Task Force’s recognition of AI’s transformative ability to reduce administrative burdens and improve patient care. However, to fully realize the life-changing benefits of innovations like real-time electronic prior authorization, Congress must address the fragmented state data privacy laws that are a barrier to bringing this technology to scale. Federal data privacy standards are essential to ensuring consistent protections, fostering equitable access and scaling AI-powered solutions effectively.”

Civil rights and liberties are equally at stake in the application of AI. As the report notes, improperly designed or misused AI systems can result in discriminatory outcomes. This concern is especially acute in areas such as criminal justice, housing, employment, and financial services, where AI models are used to make decisions that can significantly affect individuals’ lives.

The Task Force found that flawed AI systems might inadvertently encode or perpetuate biases present in their training data, leading to unfair outcomes. The report says that “biases in AI systems can contribute to harmful actions or negative consequences and produce unwarranted, undesirable, or illegal decisions.” Examples include decisions disadvantaging people based on one or more protected characteristics of that person, such as a person’s race, sex, or veteran status. For example, certain hiring algorithms have been shown to disadvantage candidates from underrepresented groups due to biased datasets.

“Systemic biases result from the procedures and practices of particular institutions, which may not be consciously discriminatory but may have disadvantaged certain social groups. These biases can then be reflected in datasets used to train AI systems and left unaddressed by the norms and practices of AI development and deployment,” the report says.

Additionally, the report says “statistical and computational biases result from errors that occur when the data the AI system is trained on is not representative of relevant populations. These biases arise when algorithms are trained on one type of data and cannot accurately extrapolate beyond that.”

“Finally,” the report says, “human biases can result from common cognitive phenomena such as anchoring bias, availability heuristic, or framing effects that arise from adaptive mental shortcuts but can lead to cognitive bias. These errors are often implicit and affect how an individual or group perceives and acts on information.”

To mitigate such risks, the report advocates for human oversight in high-stakes AI decision-making processes. This “human-in-the-loop” approach ensures that decisions informed by AI systems are reviewed by individuals capable of identifying and rectifying potential biases or errors. Moreover, sectoral regulators must be equipped with the expertise and tools to evaluate and address AI-related risks within their respective domains. Empowering these regulators is pivotal in maintaining fairness and accountability.

The report notes, however, that “when discussing bias in AI, it is important to keep in mind that not all bias is harmful, and not all AI bias is due to human bias … not all bias is inherently harmful. Statistical and computational biases that arise in an analysis are a normal and expected part of data science, machine learning, and some of the most popular contemporary AI technologies.”

Transparency is another cornerstone of addressing privacy and civil rights concerns in AI governance. “Without sufficient transparency into specifically how AI systems generate their outputs,” the report states, “one must evaluate the AI system as it is deployed to determine whether it has the potential to produce discriminatory decisions. It might not always be apparent how AI systems produce their outputs, what roles these outputs play in human decision-making, or how to correct these flaws.”

The report stresses the importance of informing the public about how AI systems are used, especially in government operations. For instance, citizens should be notified when AI plays a role in decisions affecting them. Transparency mechanisms, such as documenting data sources, model development processes, and decision-making criteria, are essential. These measures not only build public trust, but they also enable effective oversight, the report says.

However, transparency must be balanced with considerations for security and proprietary information. The Task Force notes that while full public disclosure may not always be feasible, internal documentation and interagency coordination can ensure that AI systems adhere to ethical standards without compromising sensitive information.

The report also underscores the need for updated technical standards and evaluations to address privacy and civil rights issues in AI. The National Institute of Standards and Technology (NIST) has developed a voluntary AI Risk Management Framework to guide stakeholders in identifying and mitigating risks. But while this framework provides a theoretical baseline, the Task Force recognized the need for more comprehensive standards tailored to specific AI applications – standards that should incorporate robust testing for biases and discriminatory potential.

Furthermore, the report calls for federal investments in research and development to advance privacy-enhancing technologies. Techniques like differential privacy, secure multi-party computation, and federated learning can allow AI systems to process data without exposing sensitive information. Supporting these innovations is crucial for aligning AI deployment with civil rights protections, the report says.

The role of federal preemption in AI governance is another area of focus. While state laws addressing AI and data privacy are emerging, the Task Force suggests that a unified federal approach could provide clarity and consistency. Federal preemption could harmonize regulatory frameworks, preventing a patchwork of state laws that might hinder innovation or create compliance challenges for businesses operating across state lines. However, this approach must carefully consider the balance between national standards and states’ ability to address unique local concerns.

The Task Force’s recommendations also extend to education and workforce development. Bridging the AI talent gap, the panel said, is essential for developing and implementing ethical AI systems. Efforts to enhance AI literacy across educational institutions and the workforce can empower more individuals to contribute to AI innovation while safeguarding against its misuse.

The Task Force also tackled the issue of online content authenticity, saying “bad actors can use synthetic content to commit fraud, spread false information, and target individuals. Addressing these harms is important and must also be done within the context of protecting First Amendment rights.”

If major privacy and security concerns are addressed, digital identity technology may allow a person online to prove their identity to other users and online platforms,” the report says, noting that “once the person’s identity is verified, it is easier to reduce fraud perpetrated through the digital content they create, modify, or disseminate.”

By prioritizing transparency, accountability, and fairness, the U.S. can lead in the responsible development and deployment of AI systems, but policymakers, regulators, and stakeholders will have to work collaboratively to create an environment where innovation thrives while protecting individual rights and societal values.

Article Topics

biometrics  |  data privacy  |  legislation  |  regulation  |  responsible AI  |  U.S. AI policy  |  U.S. Government  |  United States