The EU AI Act is coming. Are you ready?

The European General Data Protection Regulation (GDPR) changed the way companies approach privacy around the world, and the EIAU Act may do the same for how we analyse data. The Act is currently available in draft format and will become legal in the next few years, potentially subject to amendments. Although the legislation will only have jurisdiction in Europe, it is likely that, like GDPR before it, the law will become influential far beyond Europe’s borders.

In 2018, multinationals quickly adopted GDPR principles for their European customers and then extended it as their global standard. Similar privacy laws, such as the California Consumer Protection Act, soon followed. The EU AI Act may well become standard practice in your work, so it’s time to get ahead now.

What’s In The Current Draft?

The draft lays out an approach to AI that is risk focused. The current definition of Artificial Intelligence is broad, covering almost all statistical processes, but the laws don’t apply to the lower risk applications and are defined in terms of both the analytic process and the specific contexts where the analysis will be implemented.

There are four levels of risk in application:

1. prohibited
2. high risk
3. medium risk
4. low risk.

The highest two categories are largely related to government and law enforcement applications, or applications that involve vulnerable groups such as minors. The majority of applications of statistical analysis will fall into the lower two risk categories, where regulations range from seeking 3^rd party approval before introducing a new process, to first party documentation and monitoring to ensure that models are transparent and open to challenges.

At The IoA We’re Ready. Resources To Help You Prepare.

You’re going to need and organisational code of ethics. If your organisation doesn’t yet have their own Code of Conduct on https://ioaglobal.org/code-of-ethics-and-practices/, check our own code of ethics in analytics, and our guide to checking your current sector specific or organisation specific code here https://ioaglobal.org/checklist-for-an-organization/.

Toe get an introduction to the main takeaways, we have a recorded webinar to talk you through the key changes, with plenty of examples to help you make sense of the legal terminology. Check our webinar on https://ioaglobal.org/ioa-webinars/

To come up to speed with best practice to document analytics, we have plenty of CPD on https://ioaglobal.org/ioa-cpd-programs/ . Please check the Governance and Professionalism courses and Communication course content to ensure that you are ready to document your work in accordance with the new legal requirements.