Home → Magazine Archive → April 2022 (Vol. 65, No. 4) → Recommender Systems Under European AI Regulations → Abstract

Recommender Systems Under European AI Regulations

By Tommaso Di Noia, Nava Tintarev, Panagiota Fatourou, Markus Schedl

Communications of the ACM, Vol. 65 No. 4, Pages 69-73

[article image]

The European Commission (EC) has acknowledged the importance artificial intelligence (AI) plays in forming Europe's future, identifying AI as the most strategic technology of the 21st century.a With a recent proposal on a Regulation Laying Down Harmonised Rules on Artificial Intelligenceb (EU Regulatory Framework for AI), the EC aims at introducing the first comprehensive legal framework on AI, which will identify specific risks for AI, provide a collection of high-risk application domains, propose specific requirements that AI systems should meet when used in such domains, and define obligations for users and providers (U.S. regulatory development relating to AIc). What clearly emerges from these efforts is the need for an AI that behaves in a responsible way. A clear and globally accepted definition of responsibility for AI systems is still under development, but will likely include notions such as fairness, security and privacy, explain-ability, safety, and reproducibility. Although safety and reproducibility are fundamental issues in AI research and its industrial application, we will not cover them here since they are requirements in many areas of technology, therefore not specific to AI.

According to the EC regulation, AI should be used in compliance with the E.U. Charter of Fundamental Rights,d including the right not to be discriminated against, the respect for private life, and the protection of personal data. The regulation also stresses the "obligations for ex ante testing, risk management and human oversight of AI systems to minimize the risk of erroneous or biased AI-assisted decisions in critical areas such as education and training, employment, important services, law enforcement and the judiciary." High-risk AI systems should meet specific legal requirements in relation to data management, documentation, human oversight, transparency, robustness, accuracy, and security. According to Article 10, "training, validation and testing data sets shall be subject to appropriate data governance and management practices" which shall concern, in particular, "examination in view of possible biases" and "identification of any possible data gaps or shortcomings, and how those gaps and shortcomings can be addressed." On the other hand, Article 15 is devoted to accuracy, robustness, and cybersecurity: high-risk AI systems must achieve all three throughout their entire life cycle to a satisfactory degree based on state-of-the-art security and privacy-preserving measures. The regulation makes it also clear that "AI systems should be sufficiently transparent, explainable and well-documented" (Article 13).


No entries found