Human: You’re an assistant at a law firm. Please concisely and comprehensibly describe the amendments from June 14, 2023, applied to the EU AI Act. Please then summarise those amendments in simple layperson’s terms.
The amendments to the EU’s AI Act clarify the Act’s scope, excluding certain AI systems like those developed for personal use or national security. They outline principles for trustworthy AI, specify additional safety and fairness measures for high-risk AI, and detail obligations for AI stakeholders, ensuring risk and quality management. The amendments also offer guidance for AI regulatory sandboxes with an emphasis on startups and public interest AI, and set obligations for notified bodies to ensure expertise, impartiality, and confidentiality.
Here are the more detailed description of the amendments from June 14, 2023, to the EU AI Act proposal:
Amendment group 1: Clarification of scope (Article 2)
- Explicitly excludes non-embedded AI systems developed by individuals for personal use.
- Clarifies that AI systems exclusively developed for national security are excluded.
Layman’s terms: The law does not apply to simple AI systems an individual creates for themselves, or to AI used specifically for national defense.
Amendment group 2: Addition of general principles (New Article 4a)
- Adds 7 key principles to guide trustworthy AI: human agency, technical robustness & safety, privacy & data governance, transparency, diversity, non-discrimination & fairness, societal & environmental well-being.
Layman’s terms: AI should uphold important values like human oversight, safety, privacy, transparency, fairness, and environmental responsibility.
Amendment group 3: Additional requirements for high-risk AI (Articles 8-15)
- Requires risk mitigation systems for “reasonably foreseeable misuse” of AI.
- Requires consideration of the impact on vulnerable groups.
- Requires logging capabilities to ensure traceability.
- Requires meeting appropriate levels of accuracy, robustness, and cybersecurity.
- Requires built-in safeguards for when high-risk AI’s accuracy declines.
Layman’s terms: Companies making high-risk AI must thoroughly address safety, consider vulnerable people, keep records, meet security/accuracy standards, and ensure AI works even if its accuracy drops.
Amendment group 4: Additional obligations for operators (Articles 16-29)
- Clarifies obligations for providers, deployers, importers, and distributors.
- Requires providers to have a risk management system, quality management system, technical documentation, and EU declaration of conformity.
- Requires deployers to have human oversight, log AI use, get user consent to use AI, report issues to providers.
- Requires cooperation to address risks.
Layman’s terms: Companies involved in making or using high-risk AI must have systems to manage risks and quality, documentation, consent, oversight, logging, and teamwork to fix problems.
Amendment group 5: Additional requirements for regulatory sandboxes (Article 53-54)
- Adds more details on establishing and using AI regulatory sandboxes, including priorities for startups/NGOs and public interest AI.
- Allows limited personal data use in sandboxes, with safeguards, for developing AI in the public interest.
Layman’s terms: Government programs to test new AI must give priority to small companies/nonprofits with AI for social good. They can briefly use people’s data to develop this AI, with privacy protections.
Amendment group 6: Additional obligations for notified bodies (Article 33)
- Requires notified bodies to have permanent staff with expertise in AI, data processing, privacy, and more.
- Requires them to avoid conflicts of interest and protect confidential information.
- Requires them to consider an AI system’s intended use and possible misuse.
Layman’s terms: Groups that check if AI complies with law must have specialized staff, be impartial, keep information private, consider how AI could be misused.