On November 8th, 2022, the Information Commissioner’s Office (British DPA) published a document entitled ‘How to use AI and personal data appropriately and lawfully’, which is a guide to how data controllers should use AI systems in accordance with the law and in particular with people’s fundamental rights. This publication also contains a ‘frequently asked questions’ section which addresses certain specific issues that data controllers may have to deal with.
The Italian ‘Garante per la protezione dei dati personali’ (Italian data protection authority) published a press release on November 14th, 2022, in which it announced that it had opened two separate investigations into the use of ‘smart video systems’ by two Italian municipalities.
In October 2022, the White House released its white paper on AI. The ‘Blueprint for an AI Bill of Rights. Making Automated Systems Work for the American People’ intends “to guide the design, use, and deployment of automated systems to protect the American public in the age of artificial intelligence”. The framework was published by the White House Office of Science and Technology Policy, which is responsible for providing the President and his Executive Office with advice on numerous topics, including technology and national security.
An Argentinian Court has declared the use of the ‘Facial Recognition for Fugitives System’ (Sistema de Reconocimiento Facial de Prófugos), deployed in Buenos Aires in 2019, unconstitutional. In April 2022, in response to the legal challenge presented by Observatorio de Derecho Informático Argentino (ODIA), and several other human rights organisations, the judge suspended use of the system.
For several years now, the European Commission has been working on a number of projects concerned with regulating Artificial Intelligence, digital services, and digital markets. It has now issued a proposal for tighter rules on liability with regard to the technology industry. Amid these developments, a coalition of start-ups, small and medium enterprises, and technology companies sent a letter, dated August 24, 2022, to the European Commission expressing their concerns about the forthcoming European legislation, which seeks to modify the liability rules concerning artificial intelligence.
Due to the proliferation of “intelligent” video devices in public spaces, the French Data Protection Authority (CNIL) launched a public consultation on its draft position concerning the conditions for the deployment of so-called “smart” cameras in public spaces. Following several months of consideration, and various contributions from public and private actors, the Commission published its opinion last July.
On July 13th, 2022, the Greek Data Protection Authority (DPA) released its decision about the claims brought by the NGO Homo Digitalis on the processing of individuals’ biometric data by Clearview and fined Clearview 20 million euros. This lawsuit follows many similar cases filed by Noyb, Privacy International, and the Hermès Center for transparency and Digital Human Rights before the French, British, Italian and Austrian DPAs to stop the American start-up collecting biometric data belonging to European citizens.
In June 2022, the Ada Lovelace institute published an ‘Independent legal review of the governance of biometric data in England and Wales’ written by Matthew Ryder. This review aims to address the current legal uncertainty concerning the collection, use and processing of biometric data in England and Wales. It also puts forward 10 recommendations to improve the legal framework as well as the governance of biometrics in England and Wales.
The French DPA, CNIL, stressed that “the current debate on facial recognition is sometimes distorted by a poor grasp of this technology and how it works”. This 2nd of 6 Reports of our MAPFRE series provides a path to understanding with a classification table presenting in the most accessible way the different facial processing functionalities and applications used in public spaces.
How to regulate the use of facial recognition in public spaces in Europe? This crucial debate has often been characterised by a lack of clarity and precision. Here is the first of 6 Reports from our big “MAPFRE” research project, a detailed independent study analysing the different ways in which FRT is being used and the related legal issues.
On November 24, 2021, during the 41st session of UNESCO’s General Conference, the “Recommendation on the Ethics of Artificial Intelligence” was adopted. This is the first global “standard-setting instrument” that seeks to regulate the use of AI in an ethical way, although some initiatives were taken in the European context. The project came about due to a decision made at the General Conference at its 40th session in 2019.
The European Commission’s April 2021 proposal for a Regulation aiming at harmonized rules across the EU for AI is a major legal development and the negotiations at the EU level will be particularly interesting and tough. Renaissance Numérique and AI-Regulation contribute to the debate.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.