The proposed EU AI Act (AIA) is an omnibus piece of legislation. It aims to provide the world’s first “horizontal” regulatory framework for AI, not limited to one industry or domain of use. The text is currently winding its way through the corridors of the EU legislature, though the overall structure of the proposed framework is expected to remain fundamentally unchanged. This is true, at least for the purposes of the subject matter of this paper: the role of private rule-making (specifically standard-setting) in its implementation.
As has been extensively discussed and analyzed elsewhere, the legislation, in essence, proposes a risk-based framework. It distinguishes between AI practices based on whether they pose “unacceptable” (Title II), “high” (Title III), “limited” (Title IV) or “minimal/low” (Title IX) risks. The degree of regulation imposed on each category varies on a sliding scale, from unacceptable practices being prohibited outright to minimal risk implementations being subject to transparency obligations, such as flagging the use of an AI system when interacting with humans.
This note proposes to focus on the most contentious portion of this scale, namely “high risk” (Title III) systems. In short, such implementations of AI will be subject to rigorous certification, conformity assessments, and registration procedures, along with ongoing monitoring and reassessment, should substantial changes occur during the AI system’s lifecycle.
In particular, this paper zeroes in on the key role that standards adopted by European standardization organizations (“ESOs”) will play in the AIA framework. The paper will first briefly provide an overview of the role of harmonized standards in the current AIA draft and some possible implications this may have for its implementation. It will then explore the current ambiguous status of harmonized standards as “EU law,” which, on one view, at least, should be accessible to the public and subject to full judicial review while somehow respecting the legitimate intellectual property (“IP”) rights of ESOs, which are private entities. Finally, it will conclude with some broad reflections on the path forward.
Read the full story at Competition Policy International