On November 8th, 2022, the Information Commissioner’s Office (British DPA) published a document entitled ‘How to use AI and personal data appropriately and lawfully’, which is a guide to how data controllers should use AI systems in accordance with the law and in particular with people’s fundamental rights. This publication also contains a ‘frequently asked questions’ section which addresses certain specific issues that data controllers may have to deal with. 

The Italian ‘Garante per la protezione dei dati personali’ (Italian data protection authority) published a press release on November 14th, 2022, in which it announced that it had opened two separate investigations into the use of ‘smart video systems’ by two Italian municipalities.

The ‘Commission Nationale de l’Informatique et des Libertés’ (CNIL – the French DPA) released its final decision on October 20th, 2022, sanctioning Clearview AI for its unlawful activity, which consists of collecting images of millions of individuals from the open web without any legal basis under the GDPR for doing so. 

On October 13th, 2022, the European Data Protection Supervisor (EDPS) published an Opinion entitled “Recommendation for a Council Decision authorising the opening of negotiations on behalf of the European Union for a Council of Europe convention on artificial intelligence, human rights, democracy and the rule of law”. This independent supervisory authority welcomes the initiative taken by the European Commission to authorise negotiations on behalf of the EU regarding the future Council of Europe’s (CoE) Convention on Artificial Intelligence (AI).

In October 2022, the White House released its white paper on AI. The ‘Blueprint for an AI Bill of Rights. Making Automated Systems Work for the American People’ intends “to guide the design, use, and deployment of automated systems to protect the American public in the age of artificial intelligence”. The framework was published by the White House Office of Science and Technology Policy, which is responsible for providing the President and his Executive Office with advice on numerous topics, including technology and national security.  

An algorithmic tool designed to “predict migration flows” and “detect risks of tensions related to migration” is being developed by the EU as part of its security program. Against this background, a group of civil society organisations and individuals published a joint letter highlighting the risks posed by this technology in terms of criminalising migration and undermining human rights. 

On September 24th, 2022, the French NGO ‘La Quadrature du Net’ challenged the use of technology-driven tools by French police forces before the Commission Nationale de l’Informatique et des Libertés (CNIL – French DPA). By means of three separate complaints, the NGO wants to raise awareness about what it calls the ‘technopolice’, which amounts to the police using methods that may pose risks to privacy. These complaints follow a petition published by LQDN which collected 15 248 signatures.

An Argentinian Court has declared the use of the ‘Facial Recognition for Fugitives System’ (Sistema de Reconocimiento Facial de Prófugos), deployed in Buenos Aires in 2019, unconstitutional. In April 2022, in response to the legal challenge presented by Observatorio de Derecho Informático Argentino (ODIA), and several other human rights organisations, the judge suspended use of the system. 

European Digital Rights (EDRi), an association of civil and human rights organisations, published, on September 7th, 2022, its position paper on the European Union’s proposed “Regulation on automated data exchange for police cooperation”, known as Prüm II.  The report underlines several issues concerning the draft regulation, the purpose of which is to modify the data sharing process between EU member states, by including, among other things, ‘automated searching of facial images’.

On August 30th, 2022, the Conseil d’Etat (French Council of State) released a report, commissioned by former Prime Minister Jean Castex on June 24th, 2021, proposing a landscape of AI technology deployed in the public sector, which examines the technical, operational, ethical and legal aspects of this issue.

For several years now, the European Commission has been working on a number of projects concerned with regulating Artificial Intelligence, digital services, and digital markets.  It has now issued a proposal for tighter rules on liability with regard to the technology industry. Amid these developments, a coalition of start-ups, small and medium enterprises, and technology companies sent a letter, dated August 24, 2022, to the European Commission expressing their concerns about the forthcoming European legislation, which seeks to modify the liability rules concerning artificial intelligence.

On August 26, 2022, the European Commission published a set of rules that it says automated driving systems (ADS) must meet in order to be approved. The regulation focuses on the need to assure that performance requirements are met, and the safety of automated driving systems demonstrated, before they can be approved. For this purpose, the Commission considers it necessary to introduce measures aimed at making automated driving systems more safe, and strict parameters regarding their manufacture.

Due to the proliferation of “intelligent” video devices in public spaces, the French Data Protection Authority (CNIL) launched a public consultation on its draft position concerning the conditions for the deployment of so-called “smart” cameras in public spaces. Following several months of consideration, and various contributions from public and private actors, the Commission published its opinion last July.

On July 13th, 2022, the Greek Data Protection Authority (DPA) released its decision about the claims brought by the NGO Homo Digitalis on the processing of individuals’ biometric data by Clearview and fined Clearview 20 million euros. This lawsuit follows many similar cases filed by Noyb, Privacy International, and the Hermès Center for transparency and Digital Human Rights before the French, British, Italian and Austrian DPAs to stop the American start-up collecting biometric data belonging to European citizens.

In June 2022, the Ada Lovelace institute published an ‘Independent legal review of the governance of biometric data in England and Wales’ written by Matthew Ryder. This review aims to address the current legal uncertainty concerning the collection, use and processing of biometric data in England and Wales. It also puts forward 10 recommendations to improve the legal framework as well as the governance of biometrics in England and Wales.

At a time when ad hoc legislation on AI is being negotiated at the European level, the French Senate published on May 10, 2022, a report proposing regulations on biometric recognition in public spaces. The purpose of this report is to put forward a framework for facial recognition experimentation and to reinforce French and European technological sovereignty.

In 2019, Buenos Aires City Council introduced the ‘Facial Recognition for Fugitives System’ (Sistema de Reconocimiento Facial de Prófugos (SNRP)), which involved deploying 9,500 surveillance cameras equipped with facial recognition technology.

Earlier this month, the US Federal Trade Commission (FTC), a civil law enforcement agency, published a settlement order requiring WW International, Inc. (formerly known as Weight Watchers) and its subsidiary Kurbo to delete the personal data illegally collected from children under 13 and to destroy any algorithm or AI model built using such data.

On March 7th, 2022, the Center for a New American Security held a workshop on Transatlantic Artificial Intelligence, which gathered together senior researchers, PhD candidates, NGO members, Institutional representatives and AI professionals from both sides of the Atlantic to discuss the future of Euro-American relationships as regards AI-related matters.

Aiming to raise awareness about the effects of AI on women, and to outline the challenges and opportunities emerging from AI technologies, the United Nations Educational, Scientific and Cultural Organization (UNESCO), the Inter-American Development Bank (IAD), and the Organisation for Economic Co-operation and Development (OECD) came together to examine the effects of the use of AI on the working lives of women.

On November 16th, 2021, the Future of Privacy Forum, in partnership with the Brussels Privacy Hub, organised the 2021 Brussels Privacy Symposium entitled ‘The Age of AI Regulation: Global Strategic Directions’. This symposium marked one of the first opportunities to discuss the AI Regulation Chair’s current project, which aims to map the use of facial recognition in public places in Europe.

The Center for AI and Digital Policy, a non-profit organisation based in Washington DC, issued a statement on March 1st 2022 supporting the Ukrainian people and alerting the World as to the dangers that AI might pose during the conflict.

With the rapid development of technology, artificial intelligence is becoming more and more sophisticated. This trend has led States to be concerned about the possible consequences that this technology may have on society.

On January 4th, 2022, the regulation “Provisions on the Management of Algorithmic Recommendations in Internet Information Services” was adopted by China. This text will enter into force on March 1st. It follows an initial draft presented by China’s Cyberspace Administration in August 2021 and it seeks to regulate algorithms, especially those that will be employed for ‘recommendation’ purposes such as those used in search filters, social media, online stores, content services or gig work platforms.

A few weeks ago, the 120 State parties to the Convention on Certain Conventional Weapons (CCW) met in Geneve for the 6th Review of the Convention. The discussion about the use of lethal autonomous weapons systems (LAWS) was on the top of the agenda.

From November 30 to December 2nd 2021, the Council of Europe’s Ad hoc Committee on Artificial Intelligence (CAHAI) held its final plenary meeting. In this session, the recommendation on the “Possible elements of a legal framework on artificial intelligence, based on the Council of Europe’s standards on human rights, democracy and the rule of law” was adopted.

On November 24, 2021, during the 41st session of UNESCO’s General Conference, the “Recommendation on the Ethics of Artificial Intelligence” was adopted. This is the first global “standard-setting instrument” that seeks to regulate the use of AI in an ethical way, although some initiatives were taken in the European context. The project came about due to a decision made at the General Conference at its 40th session in 2019.

On September 22nd 2021, the European Economic and Social Committee (EESC), the Body that represents civil society organisations within the European Union, adopted Catelijne Muller’s Opinion on the EU Commission’s Artificial Intelligence Act (AIA) proposal.

On September 14th and 15th 2021, the Slovenian Presidency of the Council of the European Union hosted a High-Level Conference on Artificial Intelligence entitled “From ambition to Action”.

On September 3rd, 2021, the Garante per la protezione dei dati personali (the GPDP – Italian data protection authority), issued an official request to the local Health authority USL Roma 3, to provide information about its deploying of AI technologies to combat Covid19.

On June 29, 2021, a draft report was presented and adopted by the Committee on Civil Liberties, Justice and Home Affairs (LIBE) on artificial intelligence in criminal law and its use by the police and judicial authorities in criminal matters.

On June 23, 2021, the European Data Protection Board (EDPB) and European Data Protection Supervisor (EDPS) shared a joint opinion regarding the European Commission’s AI regulation proposal.

On May 27, 2021, a coalition of civil society groups including Privacy International, the Hermes Center for Transparency and Digital Human Rights, Homo Digitalis and noyb, filed several claims in Europe against the U.S facial recognition firm Clearview AI.

On April 29, 2021, the French Defense Ethics Committee issued an Opinion on the integration of autonomy into lethal weapon systems. Through this work, the Committee aims to establish a clear definition of autonomy and a clear distinction between fully (LAWS) and partially autonomous lethal weapon systems (PAWLS).

On April 16, 2021, the Garante per la protezione dei dati personali, the Italian Data Protection Authority (DPA), issued an unfavourable opinion on the use of the SARI Real Time system by the Ministry of the Interior, a real-time facial recognition system aiming to assist the Police Force in the management of public order and safety.

After a preleminary initiative was announced in January 2021, the European Digital Rights (EDRi) organisation and 55 others sent a new letter to Didier Reynders (European Commissioner for Justice) on April 1st, 2021 to support their demand for a specific ban on biometric mass surveillance technologies.

Over the past few weeks, the Council of Europe, the Strasbourg-based organisation that promotes and protects human rights, democracy and the rule of law, has been raising awareness about the risks of using AI enabled technologies and preparing a draft proposal for ensuring adequate AI regulation.

On March 12, 2021, the European Data Protection Board (EDPB) opened a public consultation about their new guidelines on Virtual Vocal Assistants (VVA) which were adopted on March 9, 2021.

On March 9, 2021, the European Data Protection Board (EDPB) adopted version 2.0 of its guidelines – On processing personal data in the context of connected vehicles and mobility related applications following a period of public consultation that ended in May 2020.

The French government issued a decree on March 10, 2021 authorising automated analysis of the rate of compliance with the obligation to wear a mask on public transport

On Thursday 18, 2020, the President of the CNIL issued a warning to a sports club who were considering using a facial recognition system to stop people with stadium bans from attending their games.

The Swedish DPA fines the police authorities for their use of facial recognition. Employees from two services were using Clearview AI’s App.

On January 28, 2020, The Council of Europe (CoE) adopted a new set of guidelines on facial recognition addressed to governments, legislators and businesses. The guidelines were developed by the Consultative Committee of the Council of Europe, after a 7-year process, that resulted in the updating of Convention 108

On January 20, 2020, the Legal Affairs Committee of the European Parliament (EP) adopted a resolution which includes new guidelines for the use of artificial intelligence (AI) for civil and military use.

The Ad Hoc Committee on Artificial Intelligence of the Council of Europe adopted their first feasibility study on a legal framework on AI.

On December 7, 2020, the European Commission (EC) registered and approved a request for a European Citizens’ Initiative (ECI) entitled Reclaim Your Face: Ban Biometric Mass Surveillance.

On December 14, 2020, during their online conference entitled “Doing AI the European way: Protecting fundamental rights in an era of artificial intelligence”, the European Union Agency for Fundamental Rights (FRA) presented their new report : Getting the future right – Artificial intelligence and fundamental rights.

On December 10, 2020, the Legal Affairs Committee of the European Parliament (EP) adopted new guidelines on the use of AI for military purposes and its use in the health and justice sectors.

On November 27, 2020, Brigadier-General Mohsen Fakhrizadeh, the head of the Iranian military’s nuclear program, was shot and killed in a convoy outside Tehran.

On December 2, 2020, the President of the Spanish Government, Pedro Sánchez, officially presented one of the fundamental proposals of the Spain Digital Plan 2025 launched last July and one of the most principal components of the Recovery, Transformation and Resilience Plan for the Spanish economy; the National Artificial Intelligence Strategy.

On November 19, 2020, the United-Nations Interregional Crime and Justice Research Institute (UNICRI) Centre for AI and Robotics released its latest collaborative report on Malicious Uses and Abuses of Artificial Intelligence

On November 17, 2020, the Office of Management and Budget (OMB) in the White House released a “Memorandum for the heads of executive departments agencies” to provide “guidance to all Federal agencies to inform the development of regulatory and non-regulatory approaches regarding technologies and industrial sectors that are empowered or enable by artificial intelligence (AI) and consider ways to reduce barriers to the development and adoption of AI technologies”.

It is the ALICEM application’s use of biometric data that has been challenged by an association at the French Supreme Administrative Court and a decision has just been announced.

On April 1st -2nd, 2021, a colloquium will take place on Artificial Intelligence and Normative Challenges: International and Comparative Legal Perspectives, organised by The Faculty of Law at the Aristotle University of Thessaloniki and the Kalliopi Koufa Foundation for the Promotion of International and Human Rights Law, with the support of the European Society of International Law (ESIL).

On October 22, 2020, the Parliamentary Assembly of the Council of Europe (CoE) adopted a provisional version of Resolution 2356 (2020) Legal aspects of “autonomous” vehicles.

On October 22, 2020, the Parliamentary Assembly of the Council of Europe adopted a provisional version of Resolution 2342 (2020) Justice by algorithm – the role of artificial intelligence in policing and criminal justice systems.

With 2021 shaping up to be a decisive year for EU Regulation of AI, the public debate on this particular issue is already well underway.

On October 20, 2020, the EP adopted three resolutions on a framework of ethical aspects of artificial intelligence, a civil liability regime for AI and a response to intellectual property rights challenged by these systems.

On October 9, 2020, the CNIL (French Data Protection Authority) clarified its position on the use of facial recognition technology at airports, providing useful guidance for French airports’ managers and service providers in their experimentation of FRTs.

On September 2020, the cities of Amsterdam and Helsinki launched the Algorithm and AI Register, an “overview of AI systems and algorithms used by the City”

According to an article by Politico on 8 October 2020, 14 EU Member States sent an unofficial document to the European Commission asking it not to over-regulate artificial intelligence.

On September 28th, 2020, the European Parliament Research Service (EPRS) released a new European added value assessment (EAVA) on the ethical aspects of AI.

On September 2020, UNESCO published a new report entitled Artificial Intelligence and Gender Equality: key findings of UNESCO’s Global Dialogue

On September 25th, 2020, the European Parliament Research Service (EPRS) released a new study on Civil Liability Regime for AI was released.

The Council of Europe’s Ad Hoc Committee on Artificial Intelligence unveiled its roadmap after its meeting on 23 September 2020.

On September 9th, 2020, the Consort-AI extension provided guidelines for clinical trial reports for interventions involving AI.

UNIDIR published a new report on the predictability and understandability in Military AI: the Black Box Unlocked.

The document is a first step to prepare future discussions between Member States which should occur in 2021. The framework envisaged in this document is based on a set of values and principles that should be implemented in different policy areas.

On September 21st, 2020, the Legislature of the City of Buenos Aires has started a debate to regulate the implementation of facial recognition systems in public spaces.

The European Commission published a report made by an independent group of experts on the Ethics of Connected and Automated Vehicles (CAVs).

On September 1st, 2020, (UNIDIR) published a new report on Modernizing arms control, Exploring Responses to the Use of AI in Military-Decision-Making.

On September 9, 2020, the Portland City Council voted to ban facial recognition. The new law is actually established as two ordinances, which ban both public and private use of the technology.

On September 7th, 2020, the French DPA (CNIL) published its White Paper on the Ethical, Technical and Legal challenges of vocal assistants.

On August 21st 2020, HLEGAI released their new deliverable on the sectoral considerations on the policy and investment recommendations for Trustworthy AI.