Global AI Regulations Roundup: Top Stories of December 2024

Securiti has initiated an AI Regulation digest, providing a comprehensive overview of the most recent significant global developments, announcements, and changes in the field of AI regulation. Our website will regularly update this information, presenting a monthly roundup of key activities. Each regulatory update will include links to related resources at the bottom for your reference.

EMEA Jurisdiction

1. Dutch DPA & RDI Publish Final AI Supervision Recommendation

Date: December 2, 2024
Summary: The Dutch Data Protection Authority (AP) and the National Inspectorate for Digital Infrastructure (RDI) published their final recommendation related to AI supervision under the AI Act. Following their November 7, 2024 advice, the recommendation outlines supervisory roles for AI across various sectors and use cases with a focus on three core formats which include the following:

• Monitoring fundamental rights.
• Coordinating and cooperating under an umbrella framework.
• Overseeing prohibited AI practices and ensuring transparency.

The recommendation contains examples of supervisory responsibilities, such as regulating AI in toy robots and AI systems for warehouse task distribution. Read More.

2. Spanish DPA Publishes Results Of Hypothetical AI Training Processes’ Examination

Date: December 4, 2024
Summary: The Spanish Data Protection Authority (AEPD) has examined AI training processes and their alignment with GDPR. Tested with a hypothetical AI system, it compared a simpler single-neuron network to a complex multi-neuron network that requires extensive datasets but is prone to inefficiencies. Its examination yielded the following results, among others:

• Minimization & Accuracy: Efficient models reduce data use while achieving accurate results.
• Data Protection by Design: Thoughtful design ensures compliance and resource efficiency.
• Accountability: Measures are needed to demonstrate GDPR adherence in training.
• Efficiency & Legitimacy: Overuse of data may violate proportionality requirements. Read More.

Asia Jurisdiction

3. Singaporean Authority Issues Recommendations On AI Model Risk Management For Banks

Date: December 5, 2024
Summary: The Monetary Authority of Singapore (MAS) has issued its recommendations on AI model risk management for banks. These guidelines address various financial, operational, regulatory, and reputational risks within the sector, such as AI inaccuracies in risk assessments and issues with customer-facing systems. Key recommendations from the guidelines include:

• Governance: Update risk policies for AI, establish cross-functional oversight, and ensure ethical AI use.
• Risk Management: Identify AI usage and risks, maintain AI inventories, and assess risk materiality.
• AI Deployment: Set standards for data management, conduct independent AI reviews before deployment, and monitor AI performance. Read More.

4. Indian Data Security Council Releases Report On Risk & Opportunities Related To GenAI Impact On Cybersecurity

Date: December 6, 2024
Summary: The Data Security Council of India (DSCI) released its report titled “Reimagining Security: An Era Powered by Generative AI,” discussing the impacts of GenAI capabilities on cybersecurity, potential risks, and possible opportunities. The report also contains recommendations for major stakeholders, such as the need for greater investment in AI and data security, regular cybersecurity risk assessments, AI literary-related measures, greater collaboration between startups developing AI solutions, and the need for effective regulations by the government to promote responsible AI use and research. Read More.