EU proposes rules for regulating artificial intelligence

Just-released proposals out of Europe that call for new rules to regulate high-risk artificial intelligence systems provide another marker for U.S. insurers and regulators as they consider the opportunities and risks of this evolving technology, industry experts say.

The proposals and accompanying data strategy unveiled Feb. 19 are part of the EU’s broader digital strategy aimed at setting global standards on technological development that put people first.

In its report, the European Commission says that while artificial intelligence can bring advances by tackling climate change and making production more efficient, it also “entails a number of risks, such as opaque decision-making, gender-based or other kinds of discrimination, intrusion in our private lives, or being used for criminal purposes.”

Jon Godfread, insurance commissioner for North Dakota, said the policy document is “another fencepost and guideline that we can all take a look at” as international discussions on how to regulate artificial intelligence continue to develop.

The EU’s risk-based regulatory approach outlined in the report says clear rules are needed for high-risk artificial intelligence systems in recruitment, health care, transport, energy and law enforcement so that they are “transparent, traceable and guarantee human oversight.”

Authorities must be able to check AI systems, “just as they check cosmetics, cars or toys,” the European Commission said.

“Unbiased data is needed to train high-risk systems to perform properly, and to ensure respect of fundamental rights, in particular non-discrimination,” it said.

The EU’s risk-based plan acknowledges the need for care “as we regulate in this space,” Commissioner Godfread said.

“We’re working on AI principles for the insurance industry that are specifically tailored to the insurance industry in the U.S. This is a very complex area; it’s very new technology that is evolving very quickly, and in order to help prioritize where the focus needs to be for regulators, there’s some benefit to acknowledging the different risks that may come from the different systems,” he said.

For AI systems that aren’t high-risk, the EU report proposes establishing a voluntary labeling program that would allow operators to signal that their AI-enabled products and services are “trustworthy” and that they comply with “certain objective and standardized EU-wide benchmarks,” the report said.

Under the proposals, which are open for public comment until May 19, the EU authorities also called for a debate on when to allow facial recognition technology.

“EU data protection rules prohibit in principle the processing of biometric data for the purpose of uniquely identifying a natural person, except under specific conditions,” the report said, adding: “In order to address possible societal concerns relating to the use of AI for such purposes in public places … the Commission will launch a broad European debate on the specific circumstances, if any, which might justify such use, and on common safeguards.”

Scott M. Kosnoff, a partner at Faegre Baker Daniels LLP in Indianapolis, said the EU proposals are an “interesting start.”

“The plan is to introduce legislation (in the EU) later this year which would be more detailed. This is a first step down the road,” Mr. Kosnoff said.

The European Commission is taking a “risk-based approach” and they’re seeing the need to divide the world between high-risk and non-high-risk activities, Mr. Kosnoff said.

“The devil’s in the details of what constitutes high-risk and what doesn’t,” Mr. Kosnoff said.

Companies based in the U.S. that are doing business in the EU are “going to have to worry about complying with EU requirements in connection with EU activities,” Mr. Kosnoff said, adding: “For those not doing business in the EU, the impact is less direct.”

It’s early to say what impact the EU strategy and white paper will have on U.S. insurers in the conduct of their U.S. business, Kathleen Birrane, a Baltimore-based partner at DLA Piper U.S. LLP, said in a written response.

“Certainly, the EU is clear about its desire to be a global leader in the shaping of both opportunities and regulatory frameworks for digital economies and the use of digital economy tools, including artificial intelligence,” Ms. Birrane wrote.

Commissioner Godfread said the National Association of Insurance Commissioners is continuing to “coalesce” around a standard set of principles for the use of artificial intelligence in insurance.

“As each respective coalition or group of countries comes together with their own set of regulations, they’re more similar than they’re not,” Commissioner Godfread said.

The NAIC principles are modeled after the Organisation for Economic Co-operation and Development’s principles on the development and adoption of artificial intelligence to consider how they might be adopted for insurance, Ms. Birrane said.

The principles are expected to be finalized and put before the full NAIC membership by the August meeting, said Commissioner Godfread, adding: “We are optimistic for approval.”