Artificial Intelligence (AI) regulation has increasingly been on the lips of several lawmakers, with the European Commission (EC) taking a lead part in the advancement of AI-specific laws by proposing harmonised rules on artificial intelligence (the AI Act) and modifying certain Union laws. But while the EU is pressing ahead to develop bespoke laws to govern AI, the UK still seems to be taking its somewhat restrained approach by leaving AI regulation to the existing sector-specific regulators – at least for now.

On Friday June 2, 2023, the UK Secretary of State for Science, Innovation and Technology, Chloe Smith held a roundtable brainstorming session with senior (AI) leaders at Downing Street, concerning the prospects and risks faced by the UK’s rapidly-evolving AI industry. The outcome of the meeting still seems to be in alignment with the original sentiments of avoiding direct legislation in a bid to strike a careful balance between setting regulation that effectively manages AI risks and encouraging innovation and growth, as evidenced through the government’s AI whitepaper earlier released.

From an EU perspective, there is a lot more to be mindful of: Policymakers and others in the tech industry have voiced concern about AI, particularly ‘Generative AI’, so much that there is clamour for ad-hoc rules to take effect before the AI Act (as well as the Digital Services and Markets Act – DSA and DMA) comes into full effect in the coming years. EC Executive Vice President Margrethe Vestager intimated on the creation of an AI draft code of conduct to operate in bridging the legal and regulatory gap in this regard. Most recently also, the European Commission disclosed its threat of financial penalties from August 25, 2023, for tech companies ‘with a potential to disseminate AI-generated information’ who fail to put the technology in place ‘to identify generated or manipulated images, audio and video’, in the spirit of the DSA.

As far as data protection in AI is concerned, regulators are still using existing enforcement methods to tackle any impending AI risks irrespective of the legislative approaches taken. Recently, the European Data Protection Board (EDPB) launched a task force to exchange information related to data protection enforcement; and the Italian Data Protection Authority strong-armed Open AI into making several data protection improvements in line with the GDPR. For more, you can also see our detailed breakdown of how existing data privacy laws may already regulate data-related aspects of AI. While the shape of the law is being determined, the implementation of AI appears to be gathering pace. We will keep a careful eye on these developments and will continue to update you when new information becomes available. Watch this space.