Regulatory Plans For Artificial Intelligence & Algorithms

Regulation of the powerful and fast growing Technology Industry is fast  becoming a hot topic of concern for government due to its many impacts upon nations and societies, both good and bad. 

In order to better shape those issues involving technology, it is important understand two basic conceptions which are pillars in the current technology deployment: Algorithms and Artificial Intelligence (AI).  By Joao Paro.

The positive impacts of these technolgies are those related to the fact that technology can be very useful to help  daily life. No one could deny that is easier and more comfortable being guided by algorithms and artificial Intelligence when we are driving, choosing prices and making shops. The negative aspects  can be defined by the vulnerabilities that flow from the uses of these technologies. These include questions like:

  • How to get the technology accountable?
  • In which terms we should mitigate risks and protect our privacy from the unstoppable development of technology?

In particular, the misuse of algorithms and artificial intelligence to manipulate public opinion, eroding freedom and democratic principles by spreading fake news and dividing people with misinformation.  Two new pieces of legislation to regulate the use of Artifilcial Intelligence and Algorithms are under consideration by the US Congress .

Artificial Intelligence can be defined as "the theory and development of computer systems able to perform tasks normally requiring human intelligence, such as visual perception, speech recognition, decision-making, and translation between languages". Algorithms can be defined as a "current term of choice for a problem-solving procedure, algorithm, is commonly used nowadays for the set of rules a machine (and especially a computer) follows to achieve a particular goal. Howver, it does not always apply to computer-mediated activity."

Both the Articial Intelligence and Algorithms are expected to subject to regulation by the US government  and there are two new pieces of  legislation are under consideration by the US Congress.

The Bill H. R. 2231 called "Algorithmic Accountability Act of 2019", was first  introduced in the House by the Republican Congressman Yvette Clarke in April 2019 in order "to require entities that use, store, or share personal information to conduct automated decision system impact assessments and data protection impact assessments". Basically, this Bill, which is currenly being assessed by the US Congress, lays down definitions for an automated decision system and its impacts withe the  aim to regulate it. 

Two of the definitions are sensitive for the accountability intention in the proposed bill, as quoted below:

Section 2.1 provides that automated decision system "means a computational process, including one derived from machine learning, statistics, or other data processing or artificial intelligence techniques, that makes a decision or facilitates human decision making, that impacts consumers". 

Section 2.2 defines automated decision system impact assessment as a "study evaluating an automated decision system and the automated decision system’s development process, including the design and training data of the automated decision system, for impacts on accuracy, fairness, bias, discrimination, privacy, and security that includes".

A second bill was introduced in the US Senate in May 2019. The Bill S. 1558 called “Artificial Intelligence Initiative Act” or “AI–IA” intends to introduce a regulation for the development of AI technology. The proposed Bill aims "to establish a coordinated Federal initiative to accelerate research and development on artificial intelligence for the economic and national security of the United States, and for other purposes".

This bill is recognizing the necessity for a creation of the "National Artificial Intelligence Initiative, including a comprehensive strategy for and coordination across agencies on research and development on artificial intelligence". (Section 2). SThe Algorithm Accountability Bill it brings in some important definitions on the matter. The main one is:

"(1) ARTIFICIAL INTELLIGENCE.—The term “artificial intelligence” includes the following:
(A) Any artificial system that performs tasks under varying and unpredictable circumstances without significant human oversight, or that can learn from experience and improve performance when exposed to data sets.
(B) An artificial system developed in computer software, physical hardware, or other context that solves tasks requiring human-like perception, cognition, planning, learning, communication, or physical action.
(C) An artificial system designed to think or act like a human, including cognitive architectures and neural networks.
(D) A set of techniques, including machine learning, that is designed to approximate a cognitive task.
(E) An artificial system designed to act rationally, including an intelligent software agent or embodied robot that achieves goals using perception, planning, reasoning, learning, communicating, decision making, and acting". (Section 1)

This AI-IA  Bill intends to create a research institution with the specific aim to monitor the development of Artifical Intellgence technology by increasing funding and investments in education. This is an initiative which represents a signifiacnt leverage for AI high level research and development (R&D).

One side of the regulatory coin is trying to render  technological development legally accountable in order to reduce and control risk and vulnerabilities. This new regulatory framework provides a mitigation of technology misuse as a huge threat employed by cybercriminals and bad intended people or even authoritarian governments.

The other side of the coin is related to the provision of high performance for business, to increase the quality of life for user, reducing costs for transport, enhancing heath care and so on by public investment in science to build up a "smarter" Artificial Intelligence. 

Joao Paro is a regulatory consultant at Compliance and Risks       Image: Nick Youngson
 
You Might Also Read:
 
The EU's New Cybersecurity Certification Framework:
 
A Cyber Compliance Economy:

 

 

 

« N Korean Hackers Are Targeting India
Louisiana Hit With A Ransom Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ComSec LLC

ComSec LLC

ComSec perform threat assessments to identify vulnerabilities and help protect businesses against corporate espionage via electronic eavesdropping.

Cyber Threat Intelligence Network (CTIN)

Cyber Threat Intelligence Network (CTIN)

CTIN provides cyber threat intelligence services including training, platform evaluation, ISAC/ISAO systems development and counter botnet operations.

(ISC)2

(ISC)2

(ISC)² is an international, nonprofit membership association for information security leaders. Our information security certifications are recognized as the global standard for excellence.

NESEC

NESEC

NESEC is a specialist in information security consulting services and solutions.

Anect

Anect

Anect is a leading provider of ICT security and services for hybrid and cloud solutions.

LEADS

LEADS

LEADS is considered as a leading ICT Solution Provider and an IT partner of choice in Bangladesh.

CSIRT Italia

CSIRT Italia

CSIRT Italia is the national Computer Security Incident Response Team for Italy.

neoEYED

neoEYED

neoEYED helps banks and fintech to detect and prevent frauds using a Behavioral AI that recognizes the users just by looking at “how” they interact with the applications.

Soliton

Soliton

Soliton is a leading Japanese technology company and a pioneer in IT security solutions for protecting company resources and data from external IT security threats.

Trustify

Trustify

Trustify is a Managed Security Service Provider offering a suite of world-class Cyber Risk Management services.

Futurae Technologies

Futurae Technologies

Futurae - enabling trust and invisible security for your users on all devices and applications. Strong customer authentication (SCA) made easy.

Quad9 Foundation

Quad9 Foundation

Quad9 is a free security solution that uses DNS to protect your system against the most common cyber threats. It improves your system's performance, plus, it preserves and protects your privacy.

Cyber Defense Technologies (CDT)

Cyber Defense Technologies (CDT)

Cyber Defense Technologies provides services and turn-key solutions to secure and maintain the integrity of your organization’s systems and data against attacks.

Core4ce

Core4ce

Core4ce is a mission-oriented company that serves as a trusted partner to the national security community.

ZoobeTek

ZoobeTek

ZoobeTek are a company focused on preventing leaks related to the security of business information3.

AddSecure

AddSecure

AddSecure is a leading European provider of secure IoT connectivity and end-to-end solutions.