EU Proposed AI Legislation Is A Threat To Open Source Software

Governments around the world are wrestling with the best way to tackle AI safety and regulation. The EU AI Act is set to become the first comprehensive AI regulation and to offer a model for policymakers around the world.

But with this promise comes some risk. The Act may regulate upstream open source projects as if they are commercial products or deployed AI systems. Companies are now forming alliances to drive safety research for future models and the UK is pushing for a global approach.

The EU has one of the most prescriptive approaches to AI regulation and will have the first comprehensive law. And now the open source electronic community has serious concerns about a number of recent EU regulatory changes that pose a threat to the open source industry.

Firms including GitHub, Creative Commons, and Hugging Face have published a paper aimed at EU regulators requesting greater support for open source AI development in the upcoming AI Act.

Their list of suggestions to the European Parliament ahead of the final rules includes clearer definitions of AI components, clarifying that hobbyists and researchers working on open-source models are not commercially benefiting from AI, allowing limited real-world testing for AI projects, and setting proportional requirements for different foundation models.

The coalition outlined a series of suggestions for EU lawmakers in the paper, making a number of requests. These included more concise definitions of AI components and greater support and leeway for open source research into the development of AI models.

The main focus of the report is whether research and testing of AI models will be interpreted as “commercial activity” and thus subject to stringent rules under the act.

Under the EU guidelines, real-world testing of AI systems will not be granted exemption from the regulations, which the companies argued could be inhibitive to innovation and prove costly for enterprises. Instead, the coalition suggested a change in language to accommodate for testing which is done “on a limited scale with sufficient documentation and transparency to users”.

The EU Report’s Executive Summary states:

Open source, non-profit, and academic research and development play an essential role in the Artificial Intelligence (AI) ecosystem.

Continuing to support and foster this open ecosystem will be paramount to ensuring that the technology serves all EU citizens on two main accounts:

  • First, the values of sound research, reproducibility, and transparency fostered by open science are instrumental to the development of safe and accountable AI systems.
  • Second, open source development can enable competition and innovation by new entrants and smaller players, including in the EU.

The AI Act holds promise to set a global precedent in regulating AI to address its risks while encouraging innovation. A key focus here centers around whether research and testing of AI models will be interpreted as “commercial activity” and thus subject to stringent rules under the act.

These EU guidelines say that the real-world testing of AI systems will not be granted exemption from the regulations, which the companies argued could be inhibitive to innovation and prove costly for enterprises.

Instead, the coalition suggested a change in language to accommodate for testing which is done “on a limited scale with sufficient documentation and transparency to users... Research and development (R&D) is crucial to the development of beneficial, trustworthy AI systems" the paper says.

“The act should recognise that some real-world testing, including preliminary exploration of a model’s appropriateness to specific deployment conditions and allowing scrutiny and evaluation by relevant civil society organisations outside of the development chain, can be necessary and appropriate for R&D.”

ITPro:     Github:     Computing:     Tech Monitor:     Github:     Digwatch:     The Verge

You Might Also Read:

The Impact of Artificial Intelligence On Knowledge Workers:
___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 


Cyber Security Intelligence: Captured Organised & Accessible

« Google Join With Microsoft, OpenAI & Anthropic To Regulate AI Development
Fighting Fake News Using Machine Learning & Blockchains »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Dome9

Dome9

Dome9 is a cloud firewall management service that stops vulnerabilities, secures remote access, and centralizes policy management.

Electric Imp

Electric Imp

Electric Imp offers an innovative and powerful Internet of Things platform that securely connects devices with advanced cloud computing resources.

VNT Software

VNT Software

VNT's vision is to change the way complex IT problems are resolved by predicting business disruptions before they occur.

SecureAppbox

SecureAppbox

SecureAppbox provide solutions that protects the communication of sensitive data as well as advice on data security and compliance with GDPR.

TCN

TCN

TCN is an advanced System Integrator and Infrastructure Company in Albania.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

GlobalPass

GlobalPass

Covering 200+ countries with 78 000 databases, GlobalPass provides sophisticated facial biometrics verification and deep screening, delivering peace of mind to every client.

Veratad Technologies

Veratad Technologies

Veratad Technologies, LLC is a world class provider of online/real-time Identity Verification, Age Verification, Fraud Prevention and Compliance Solutions.

Open Data Security (ODS)

Open Data Security (ODS)

Open Data Security is a market leader in the information security sector, offering services to companies, governments and individuals, helping them shield from hackers and cyber attacks.

Psybersafe

Psybersafe

Psybersafe is a hands-on, behaviour-changing training system that keeps your people and your business cyber safe.

UK Cyber Cluster Collaboration (UKC3)

UK Cyber Cluster Collaboration (UKC3)

UKC3 has been launched to support Cyber Clusters and encourage greater collaboration across regions and nations of the UK.

Sitehop

Sitehop

Sitehop is a cybersecurity technology company developing and supplying FPGA hardware-enforced cyber security solutions for networks.

Versent

Versent

Versent is an Australian-born technology company, focused on architecting, building & operating cloud native applications, data streams, platforms, and services.

Panoptic Cyber

Panoptic Cyber

Panoptic Cyber are a team of elite Armed Forces Veterans who hold a wealth of experience in Information Security, Cyber Security, Data Protection and Risk Management.

CyberSG TIG Centre

CyberSG TIG Centre

CyberSG TIG Centre aims to propel Singapore as the world’s premier cybersecurity innovation hub for economic growth.