Recently, Microsoft introduced and added Copilot+ to its Windows 11 operating system, a set of solutions based on artificial intelligence. This new technology requires a regulatory framework that avoids, among other things, endangering the security and privacy of users. The European Union has published Regulation (EU) 2024/1689, which establishes a harmonized legal framework for artificial intelligence (AI).
The aim of this regulation is to create a uniform standard for all members of the union. It seeks to establish the basis for the development, commercialization and use of AI that guarantees a high level of protection and security for users.
While protecting users, the aim is to boost AI innovation and competitiveness. They must also meet the high ecological standards that the union is imposing to curb climate change. Even ensuring democracy is taken into consideration.
Highlights of Regulation (EU) 2024/1689
Artificial intelligence, like many other technologies, requires a solid regulatory framework. The regulation must be clear and concise, while always ensuring the safety of users. This framework can be summarized in six key aspects:
- The text emphasizes that AI must comply with current data protection regulations. It places particular emphasis on compliance with the General Data Protection Regulation (GDPR), which seeks to prevent large technology companies from collecting personal user information and marketing it.
- They have established a set of prohibitions that segregate users by race, religion, sex, age or any other criteria. All this while avoiding possible biometric categorization and, at the same time, protecting people’s fundamental rights.
- It creates a harmonised framework that introduces a set of standardised obligations for AI operators. It aims to ensure the protection of public rights and interests throughout the EU. It also seeks to prevent segmentation or fragmentation within the union.
- There are very specific restrictions regarding the use of remote biometric identification in real time in public spaces. This practice is permitted in very specific situations and under the relevant judicial or administrative authorization.
- It specifically sets out what constitutes an AI system. Particular emphasis is placed on the ability to infer and autonomy. In addition, it establishes that high-risk AI systems will be subject to very specific and strict requirements to ensure their reliability and safety.
- The standard has interesting aspects, as it recognises the potential social, economic and environmental benefits of this new technology. In addition, it promotes and encourages development and use in different sectors such as health, agriculture, education or infrastructure management, among others.
- For high-impact AI systems, impact assessment mechanisms will be established. Impact assessments on fundamental rights will be mandatory.
- Additionally, several mechanisms are established to ensure that all the above aspects are met. The first of these will be the creation of the Artificial Intelligence Council to promote AI literacy tools and public awareness. In addition, this council will have the idea of ​​supporting knowledge of the benefits and risks of AI.
- Finally, the use of real-time biometric identification systems must be notified to the relevant regulators and authorities. These authorities must submit annual reports to the European Commission on these AIs.
