Global AI Regulations Roundup: Top Stories of March 2024

Securiti has initiated an AI Regulation Digest, providing a comprehensive overview of the most recent significant global developments, announcements, and changes in the field of AI regulation. This information will be regularly updated on our website, presenting a monthly roundup of key activities. Each regulatory update will include links to related resources at the bottom for your reference.

1. Singapore's New AI Data Guidelines for Transparency and Fairness

Country: Singapore
Date: 1 March
Summary: Following a period of consultation, Singapore has released advisory guidelines on the utilization of personal data by artificial intelligence (AI) systems for making recommendations and decisions.

The guidelines clarify that Singapore's Personal Data Protection Act (PDPA) governs the collection and use of personal data in AI systems. Collection and use of personal data for providing recommendations, predictions, or decisions will necessitate consent, except in cases where deemed consent or specific exceptions, such as the Legitimate Interests Exception under Section 13 of the PDPA, are applicable.

To ensure clarity and transparency, organizations are advised to include several key points in their notifications when collecting and processing personal data:

• The specific function within their product that necessitates the use of personal data (for instance, recommending movies);
• A broad overview of the types of personal data to be collected and processed (like movie viewing habits);
• A clarification of how the processed personal data is pertinent to the functionality of the product (such as utilizing users’ viewing histories to suggest movies); and
• Identification of particular data characteristics that might significantly affect the functionality of the product (for example, whether a movie was watched in its entirety or watched repeatedly).

Organizations employing AI systems are urged to maintain transparency by detailing in their written policies the practices and safeguards in place to ensure fairness and reasonableness. The document also refers to additional resources like the Model AI Governance Framework and AI Verify to facilitate adherence to these guidelines. Read more.

2. TC260 Releases Security Guidelines for Generative AI Services

Country: China
Date: 5 March
Summary: On March 1, 2024, following a public consultation held in October 2023, the National Information Security Standardization Technical Committee (TC260) unveiled the Technical Document on Basic Requirements for Security of Generative Artificial Intelligence Services.

This document sets forth essential security prerequisites for implementing generative AI services, as follows:

• A security evaluation must be performed prior to gathering data for the training of AI models.
• In cases where commercial data is utilized, it's imperative to have a legally enforceable agreement that details the data's source, quality, and security.
• For intellectual property considerations, there should be mechanisms for complaints and reporting, alongside clear communication to users about potential IP risks.
• The use of an individual's personal information requires explicit consent, and sensitive personal data in the training datasets require additional, separate consent.
• Providers of these services must critically evaluate the necessity and security of employing generative AI technologies, especially in sectors deemed as critical infrastructure, and assess their appropriateness for use by minors.
• Security assessments can be carried out internally by the service provider or outsourced to an external agency.

Furthermore, the document sheds light on the principal risks tied to both the training data and the content generated by AI. Read more.

3. India's MEITY Advises Pre-Approval for AI Products on Internet Platforms

Country: India
Date: 8 March
Summary: On March 1, 2024, the Indian Ministry of Electronics and Information Technology (MEITY) sent an advisory to all internet intermediaries and platforms, which has not yet been published on the MEITY website.

This advisory, formulated under the IT Rules of 2021, obliges intermediaries to secure government authorization prior to the introduction of AI products and to verify that their platforms do not disseminate illegal content or AI models that could bias the electoral process.

A key requirement of the advisory is the need for explicit government approval for deploying AI technologies that are either under-tested or deemed unreliable on the Indian internet, with a suggestion to use a 'consent popup' to alert users.

Intermediaries are also instructed to mark any potentially misleading content with distinct metadata to facilitate origin tracking and to provide MEITY with a report detailing actions taken and current status within a 15-day timeframe.

MEITY has specified that this advisory targets primarily large social media platforms and intermediaries rather than startups and applies specifically to AI platforms categorized as 'untested', though the criteria for 'untested' remains unspecified.

These measures signal a step towards more stringent regulation, with the anticipated Digital India Act likely to further solidify these requirements, indicating a shifting regulatory framework for AI in India. Read more.

4. EU Parliament Approves EU AI Act

Country: EU
Date: 13 March
Summary: The European Parliament has overwhelmingly approved the EU AI Act, marking a significant step towards its enactment.

Following this approval, the next stages include a formal agreement by the Council and a comprehensive linguistic review. However, these steps are largely procedural, signaling that the AI Act is set to become law.

Once published in the Official Journal, the legislation is anticipated to be enacted in April or May 2024. It will officially become effective twenty days after this publication, with full applicability commencing 24 months after effectuation. Read more.

Conclusion

Securiti's AI Regulation round serves as an invaluable resource for staying ahead of the latest global developments in the AI industry. Our commitment to providing timely updates ensures that you have access to crucial information and a better understanding of the evolving regulatory landscape in the field of AI.

The team has also created a dedicated page showcasing 'An Overview of Emerging Global AI Regulations’ around the world. Click here to delve deeper and learn more about the evolving landscape of global AI regulations.