Regulatory Plans For Artificial Intelligence & Algorithms

Regulation of the powerful and fast growing Technology Industry is fast  becoming a hot topic of concern for government due to its many impacts upon nations and societies, both good and bad. 

In order to better shape those issues involving technology, it is important understand two basic conceptions which are pillars in the current technology deployment: Algorithms and Artificial Intelligence (AI).  By Joao Paro.

The positive impacts of these technolgies are those related to the fact that technology can be very useful to help  daily life. No one could deny that is easier and more comfortable being guided by algorithms and artificial Intelligence when we are driving, choosing prices and making shops. The negative aspects  can be defined by the vulnerabilities that flow from the uses of these technologies. These include questions like:

  • How to get the technology accountable?
  • In which terms we should mitigate risks and protect our privacy from the unstoppable development of technology?

In particular, the misuse of algorithms and artificial intelligence to manipulate public opinion, eroding freedom and democratic principles by spreading fake news and dividing people with misinformation.  Two new pieces of legislation to regulate the use of Artifilcial Intelligence and Algorithms are under consideration by the US Congress .

Artificial Intelligence can be defined as "the theory and development of computer systems able to perform tasks normally requiring human intelligence, such as visual perception, speech recognition, decision-making, and translation between languages". Algorithms can be defined as a "current term of choice for a problem-solving procedure, algorithm, is commonly used nowadays for the set of rules a machine (and especially a computer) follows to achieve a particular goal. Howver, it does not always apply to computer-mediated activity."

Both the Articial Intelligence and Algorithms are expected to subject to regulation by the US government  and there are two new pieces of  legislation are under consideration by the US Congress.

The Bill H. R. 2231 called "Algorithmic Accountability Act of 2019", was first  introduced in the House by the Republican Congressman Yvette Clarke in April 2019 in order "to require entities that use, store, or share personal information to conduct automated decision system impact assessments and data protection impact assessments". Basically, this Bill, which is currenly being assessed by the US Congress, lays down definitions for an automated decision system and its impacts withe the  aim to regulate it. 

Two of the definitions are sensitive for the accountability intention in the proposed bill, as quoted below:

Section 2.1 provides that automated decision system "means a computational process, including one derived from machine learning, statistics, or other data processing or artificial intelligence techniques, that makes a decision or facilitates human decision making, that impacts consumers". 

Section 2.2 defines automated decision system impact assessment as a "study evaluating an automated decision system and the automated decision system’s development process, including the design and training data of the automated decision system, for impacts on accuracy, fairness, bias, discrimination, privacy, and security that includes".

A second bill was introduced in the US Senate in May 2019. The Bill S. 1558 called “Artificial Intelligence Initiative Act” or “AI–IA” intends to introduce a regulation for the development of AI technology. The proposed Bill aims "to establish a coordinated Federal initiative to accelerate research and development on artificial intelligence for the economic and national security of the United States, and for other purposes".

This bill is recognizing the necessity for a creation of the "National Artificial Intelligence Initiative, including a comprehensive strategy for and coordination across agencies on research and development on artificial intelligence". (Section 2). SThe Algorithm Accountability Bill it brings in some important definitions on the matter. The main one is:

"(1) ARTIFICIAL INTELLIGENCE.—The term “artificial intelligence” includes the following:
(A) Any artificial system that performs tasks under varying and unpredictable circumstances without significant human oversight, or that can learn from experience and improve performance when exposed to data sets.
(B) An artificial system developed in computer software, physical hardware, or other context that solves tasks requiring human-like perception, cognition, planning, learning, communication, or physical action.
(C) An artificial system designed to think or act like a human, including cognitive architectures and neural networks.
(D) A set of techniques, including machine learning, that is designed to approximate a cognitive task.
(E) An artificial system designed to act rationally, including an intelligent software agent or embodied robot that achieves goals using perception, planning, reasoning, learning, communicating, decision making, and acting". (Section 1)

This AI-IA  Bill intends to create a research institution with the specific aim to monitor the development of Artifical Intellgence technology by increasing funding and investments in education. This is an initiative which represents a signifiacnt leverage for AI high level research and development (R&D).

One side of the regulatory coin is trying to render  technological development legally accountable in order to reduce and control risk and vulnerabilities. This new regulatory framework provides a mitigation of technology misuse as a huge threat employed by cybercriminals and bad intended people or even authoritarian governments.

The other side of the coin is related to the provision of high performance for business, to increase the quality of life for user, reducing costs for transport, enhancing heath care and so on by public investment in science to build up a "smarter" Artificial Intelligence. 

Joao Paro is a regulatory consultant at Compliance and Risks       Image: Nick Youngson
 
You Might Also Read:
 
The EU's New Cybersecurity Certification Framework:
 
A Cyber Compliance Economy:

 

 

 

« N Korean Hackers Are Targeting India
Louisiana Hit With A Ransom Attack »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Wisegate

Wisegate

Wisegate is a community of IT experts providing advisory services on all areas of IT including security.

Council on Foreign Relations (CFR)

Council on Foreign Relations (CFR)

CFR is dedicated to better understanding the world and the foreign policy choices facing the USA and other countries. Cyber security is covered within the CFR topic areas.

SecWest

SecWest

SecWest is the organizer of CanSecWest, PACSEC, originator of PWN2OWN, security auditing, and virtual engagement/training.

BitSight Technologies

BitSight Technologies

BitSight transforms how companies manage information security risk with objective, verifiable and actionable Security Ratings.

Center for Identity - University of Texas at Austin

Center for Identity - University of Texas at Austin

The mission of the Center is to deliver the highest-quality discoveries, applications, education, and outreach for excellence in identity management, privacy, and security.

Intrusion

Intrusion

Intrusion provides IT professionals with the most robust tool set available for performing in-depth research and analysis of network traffic.

Polish Centre for Accreditation (PCA)

Polish Centre for Accreditation (PCA)

PCA is the national accreditation body for Poland. The directory of members provides details of organisations offering certification services for ISO 27001.

Consensys

Consensys

ConsenSys is a global blockchain company. We develop enterprise applications, invest in startups, build developer tools, and offer blockchain education.

Socure

Socure

Socure’s identity verification increases auto approval rates, reduces false positives and captures more fraud. In real time.

Ross & Baruzzini

Ross & Baruzzini

Ross & Baruzzini delivers integrated technology, consulting, and engineering solutions for safe, sustainable, and resilient facilities.

Condition Zebra

Condition Zebra

Condition Zebra has wide experience in providing IT Security Services, Training, and Certification in the field of cybersecurity.

Testhouse Ltd

Testhouse Ltd

Testhouse is a thought leader in the Quality Assurance, software testing and DevOps space. Founded in the year 2000 in London, UK, with a mission to contribute towards a world of high-quality software

Circle Security

Circle Security

Circle’s breakthrough security API unifies solutions for identity and data security into one architecture and empowers organizations to secure their identity, data and privacy in their applications.

Troye Computer Systems

Troye Computer Systems

Troye provide a complete range of digital workspace solutions that empower people to do their very best work in a safe and secure manner anywhere, anytime, using any device.

Liquid C2

Liquid C2

Liquid C2 offers leading solutions to streamline workplace operations, secure cloud storage, rapid data recovery, and scale growth.

NST Cyber

NST Cyber

NST Cyber provides comprehensive Threat Exposure Management to Global banks and Forbes 2000 companies.