Regulating Trust — An Ongoing Analysis of the AI Act
Card Grid View — Paper by Burden & Stenberg (2022), RISE Report
1. Triangle of Trust
- Three pillars
- CE-marking (conformity assessment)
- Regulatory oversight (national authorities)
- Quality management systems
- Purpose
- Build trust in high-risk AI systems
- Signal safety to citizens and the market
- CE-mark is the main trust-building tool
2. Three Quality Paradigms
- 1. Absolute Quality (Article 10)
- Strict requirements for training/validation data
- Data must be relevant, representative, error-free
- 2. Proportionate Quality (Article 17)
- Quality management proportional to organization size
- Controversial: may lower bar for microenterprises
- 3. Reasoning Quality
- AI system must produce valid and reliable outputs
- Focus on accuracy and explainability
3. CE-Marking & Conformity
- What is CE-mark?
- Shows a product meets EU safety requirements
- Expanded from traditional product safety to AI
- Conformity Assessment
- Verifying quality management system
- Checking technical documentation
- Monitoring products after release
- Criticism
- CE-mark was designed for physical products, not AI
- Risky to use as main trust tool for AI
4. Role of National Authorities
- New role: innovation partners
- Shift from enforcement to advisory/consulting
- Support AI innovation through regulatory sandboxes
- Why this matters
- Authorities help companies navigate AI Act
- Bridge between regulation and innovation
- New and unusual role for regulators
5. Regulatory Sandboxes
- What are they?
- Controlled environments to test AI systems
- Companies can experiment under regulatory supervision
- Four AI sandboxes tested
- Interoperable Europe Act
- Cyber Resilience Act
- Net-Zero Industry Act
- European Health Data Space
- Benefit
- Authorities become innovation partners
6. Ethics & Coverage Gaps
- Ethical guidelines NOT fully covered
- Societal and environmental well-being
- Other gaps: transparency, accountability, human oversight are partially covered
- Human Oversight (Article 14)
- Strategies to allow human intervention
- Required for high-risk AI systems
- Who decides what is AI?
- The European Commission
- Can update definitions via delegated acts
7. NLF vs OAL & Practical Challenges
- New Legislative Framework (NLF)
- Modern approach: manufacturer self-declares conformity
- Third-party assessment for high-risk products
- Old Approach Legislation (OAL)
- Government sets detailed technical specs
- Still applies to vehicles and some products
- Challenge for AI providers
- AI-based safety components may fall under both NLF and OAL
- Creates strategic dilemma for developers
- Multiple regulations increase requirements but follow similar processes