On March 25, 2021, the Center for Information Policy Leadership in Hunton Andrews Kurth organized an expert round table on the EU approach to regulating AI – How can experiments help bridge innovation and regulation? (the “Roundtable”). The round table was hosted by Dragoș Tudorache, Member of Parliament and Chairman of the Committee on Artificial Intelligence in the Digital Age (“AIDA”) of the European Parliament. Representatives of the industry and data protection authorities (“data protection authorities”) as well as Axel Voss, rapporteur of the AIDA committee, gathered at the round table.
The panelists examined how experimental methods such as policy prototyping and regulatory sandboxes can help create the right rules and frameworks and interpret them constructively in order to regulate the AI in such a way that responsible innovation and risk reduction are possible while still making honest mistakes and constant improvements possible are.
Dragoș Tudorache opened the round table by underlining that states and governments must be up to the task of effective legislation that enables both innovation and social order, especially in times of rapid digital transformation. Policy prototyping and regulatory sandboxes could enable real collaboration and co-creation of the rules of the game between legislators, regulators and industry. However, as policy makers, we need to ensure that the results produce a social good and remain impartial.
The roundtable presented successively the methods of policy prototyping and regulatory sandboxes, which are used in different contexts. While regulatory sandboxes work in the context of existing laws to test certain innovative products under the supervision of a regulator, guideline prototyping works where a new regulatory framework or policy is being considered to test a prototype under real-world conditions and inform the creation of this new regulatory framework or policy. Policy prototyping also helps identify the limitations of the prototype, ultimately providing recommendations on how to successfully draft laws. Regulatory sandboxes and policy prototyping complement each other chronologically. Once the legislation is in place, sandpits will allow further scrutiny of the legislation. The need to experiment with digital regulation becomes even more important as different types of legal frameworks come into play and conflict with one another.
In the context of AI, policy prototyping has been used to test the effectiveness of the AI risk assessments. This means that the assessments that startups conduct on their AI products identify and rate the likelihood and severity of harm to individuals and society. The earlier the risks for bias or lack of transparency are identified, the better those risks can be addressed and adequate mitigation built into AI products, which can sometimes accelerate startups’ go-to-market strategy.
The roundtable also emphasized the need to assess and monitor the adaptation of the rules to AI applications as new risks and challenges continue to arise during product deployment and use. This requires close and continuous collaboration between legal, data protection and innovation teams within organizations to minimize risks and implement effective data protection through design policies and procedures. The roundtable emphasized that a multi-stakeholder approach is also key to engaging different perspectives from data scientists and consumer panels before making decisions about the manufacture of AI products.
The second part of the round table looked at how regulatory sandboxes, which provide a monitored safe space set up by a regulator for the piloting and testing of innovative products, can reassure that innovation is taking place in a responsible and accountable manner . Regulatory sandbox projects are currently underway with the Norwegian and French data protection authorities. Regulatory sandpits help companies better understand the requirements of the EU General Data Protection Regulation by reducing gray areas and overcoming regulatory barriers to advance useful AI products and uses. They can also help increase data protection authorities’ understanding of AI, which is needed when they conduct audits or take enforcement action. Transparency, minimization and fairness are often discussed in the sandpit. The sandbox results can be shared through guidelines, blog posts, or workshops to fully communicate best practices and lessons from a particular case. The most important success factors of a regulatory sandbox include (1) the need for clear rules for engagement between the regulator and the sandbox participant; (2) adequate resources from both parties; (3) open collaboration; (4) disclosure of information; and (5) the freedom to question the other party’s views.
In his remarks, Axel Voss expressed his full support for the use of experiments to bridge innovation and legislation and was of the opinion that the EU needs faster regulatory results compared to traditional legislation in order to be internationally competitive. The EU must also experiment through sandboxes to develop trustworthy, human-centered, safe, unbiased, environmentally friendly and sustainable AI, as well as providing access to data and building data spaces.
In the closing remarks, Dragoș Tudorache reiterated the need to move to a concept of staged legislation regulating technologies, starting with prototyping followed by adapting over time. He will make a recommendation to the European Commission to take regulatory sandboxing into account in the upcoming AI regulation.
To learn more about CIPL’s work on smart regulation and AI, please contact Michelle Marcoot at [email protected]