Regulatory Plans For Artificial Intelligence & Algorithms

Regulation of the powerful and fast growing Technology Industry is fast  becoming a hot topic of concern for government due to its many impacts upon nations and societies, both good and bad. 

In order to better shape those issues involving technology, it is important understand two basic conceptions which are pillars in the current technology deployment: Algorithms and Artificial Intelligence (AI).  By Joao Paro.

The positive impacts of these technolgies are those related to the fact that technology can be very useful to help  daily life. No one could deny that is easier and more comfortable being guided by algorithms and artificial Intelligence when we are driving, choosing prices and making shops. The negative aspects  can be defined by the vulnerabilities that flow from the uses of these technologies. These include questions like:

  • How to get the technology accountable?
  • In which terms we should mitigate risks and protect our privacy from the unstoppable development of technology?

In particular, the misuse of algorithms and artificial intelligence to manipulate public opinion, eroding freedom and democratic principles by spreading fake news and dividing people with misinformation.  Two new pieces of legislation to regulate the use of Artifilcial Intelligence and Algorithms are under consideration by the US Congress .

Artificial Intelligence can be defined as "the theory and development of computer systems able to perform tasks normally requiring human intelligence, such as visual perception, speech recognition, decision-making, and translation between languages". Algorithms can be defined as a "current term of choice for a problem-solving procedure, algorithm, is commonly used nowadays for the set of rules a machine (and especially a computer) follows to achieve a particular goal. Howver, it does not always apply to computer-mediated activity."

Both the Articial Intelligence and Algorithms are expected to subject to regulation by the US government  and there are two new pieces of  legislation are under consideration by the US Congress.

The Bill H. R. 2231 called "Algorithmic Accountability Act of 2019", was first  introduced in the House by the Republican Congressman Yvette Clarke in April 2019 in order "to require entities that use, store, or share personal information to conduct automated decision system impact assessments and data protection impact assessments". Basically, this Bill, which is currenly being assessed by the US Congress, lays down definitions for an automated decision system and its impacts withe the  aim to regulate it. 

Two of the definitions are sensitive for the accountability intention in the proposed bill, as quoted below:

Section 2.1 provides that automated decision system "means a computational process, including one derived from machine learning, statistics, or other data processing or artificial intelligence techniques, that makes a decision or facilitates human decision making, that impacts consumers". 

Section 2.2 defines automated decision system impact assessment as a "study evaluating an automated decision system and the automated decision system’s development process, including the design and training data of the automated decision system, for impacts on accuracy, fairness, bias, discrimination, privacy, and security that includes".

A second bill was introduced in the US Senate in May 2019. The Bill S. 1558 called “Artificial Intelligence Initiative Act” or “AI–IA” intends to introduce a regulation for the development of AI technology. The proposed Bill aims "to establish a coordinated Federal initiative to accelerate research and development on artificial intelligence for the economic and national security of the United States, and for other purposes".

This bill is recognizing the necessity for a creation of the "National Artificial Intelligence Initiative, including a comprehensive strategy for and coordination across agencies on research and development on artificial intelligence". (Section 2). SThe Algorithm Accountability Bill it brings in some important definitions on the matter. The main one is:

"(1) ARTIFICIAL INTELLIGENCE.—The term “artificial intelligence” includes the following:
(A) Any artificial system that performs tasks under varying and unpredictable circumstances without significant human oversight, or that can learn from experience and improve performance when exposed to data sets.
(B) An artificial system developed in computer software, physical hardware, or other context that solves tasks requiring human-like perception, cognition, planning, learning, communication, or physical action.
(C) An artificial system designed to think or act like a human, including cognitive architectures and neural networks.
(D) A set of techniques, including machine learning, that is designed to approximate a cognitive task.
(E) An artificial system designed to act rationally, including an intelligent software agent or embodied robot that achieves goals using perception, planning, reasoning, learning, communicating, decision making, and acting". (Section 1)

This AI-IA  Bill intends to create a research institution with the specific aim to monitor the development of Artifical Intellgence technology by increasing funding and investments in education. This is an initiative which represents a signifiacnt leverage for AI high level research and development (R&D).

One side of the regulatory coin is trying to render  technological development legally accountable in order to reduce and control risk and vulnerabilities. This new regulatory framework provides a mitigation of technology misuse as a huge threat employed by cybercriminals and bad intended people or even authoritarian governments.

The other side of the coin is related to the provision of high performance for business, to increase the quality of life for user, reducing costs for transport, enhancing heath care and so on by public investment in science to build up a "smarter" Artificial Intelligence. 

Joao Paro is a regulatory consultant at Compliance and Risks       Image: Nick Youngson
 
You Might Also Read:
 
The EU's New Cybersecurity Certification Framework:
 
A Cyber Compliance Economy:

 

 

 

« N Korean Hackers Are Targeting India
Louisiana Hit With A Ransom Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Bittium

Bittium

Bittium provides proven information security solutions for mobile devices and portable computers.

Ideagen

Ideagen

Ideagen provides information management, safety, risk and compliance software solutions that allow organisations to achieve operational excellence, regulatory compliance and reduce risk.

Automation & Cyber Solutions (ACS)

Automation & Cyber Solutions (ACS)

Automation & Cyber Solutions delivers a range of Industrial Automation and Cyber solutions & services to sectors including Oil & Gas, Chemicals & Petrochemicals, Power and others.

CLDigital

CLDigital

CLDigital's no-code risk and resilience platform, CL360, provides leaders with risk and resilience data to make strategic and tactical continuity decisions.

Halon

Halon

Halon is a flexible security and operations platform for in-transit email.

CSIRT-NQN

CSIRT-NQN

CSIRT-NQN is the Computer Incident Response Team for the Argentine province of Neuquen.

Solidified

Solidified

Solidified is the largest audit platform for smart contracts. Our community has the highest concentration of top Blockchain security specialists and best-in-class code auditors.

OwnZap Infosec

OwnZap Infosec

OwnZap Infosec aims to digitally shield the cyberspace by offering services like Penetration Testing and Red Teaming, Infrastructure Security Testing, and Vulnerability Assessments.

Industrial Defender

Industrial Defender

Committed to ICS Cybersecurity. Industrial Defender provides a fully automated solution to discover, track and report on assets across your ICS footprint.

ImpactQA

ImpactQA

ImpactQA is a global leading software testing & QA consulting company. Ten years of excellence. Delivering unmatched services & digital transformation to SMEs & Fortune 500 companies.

AirITSystems

AirITSystems

AirITSystems offer companies comprehensive IT security solutions that take all security considerations into account and are tailored to your business.

Tetrate.io

Tetrate.io

Tetrate Service Bridge provides enterprises with a consistent, unified way to connect and secure services across an entire mesh-managed environment.

Trackd

Trackd

At trackd, we’re re-imaging vulnerability remediation for the benefit of the entire cyber security community. Automating Vulnerability Remediation without the Fear of Disruption.

Cyber Industrial Networks

Cyber Industrial Networks

Cyber Industrial Networks objective is to service the needs of industry in achieving reliable, robust and secure infrastructure that supports productivity.

Kontra

Kontra

Kontra application security training is an interactive and intuitive learning experience that engages developers.

SecuCenter

SecuCenter

Secucenter is a trusted partner for SOC services, offering security expertise in a cost-effective way.