With the regulation of Artificial Intelligence (AI), the European Commission is addressing one of the central issues of our time. However, a number of core legal questions are still unresolved. Against this background, the article in a first step lays regulatory foundations by examining the possible scope of a future AI regulation, and by discussing legal strategies for implementing a risk-based approach.
In this respect, I suggest an adaptation of the Lamfalussy procedure, known from capital markets law, which would combine horizontal and vertical elements of regulation at several levels. This should include, at Level 1, principles for AI development and application, as well as sector-specific regulation, safe harbors and guidelines at Levels 2-4. In this way, legal flexibility for covering novel technological developments can be effectively combined with a sufficient amount of legal certainty for companies and AI developers.
In a second step, the article implements this framework by addressing key specific issues of AI regulation at the EU level, such as: documentation and access requirements; a regulatory framework for training data; a revision of product liability and safety law; strengthened enforcement; and a right to a data-free option.
Hacker, Philipp, AI Regulation in Europe (May 7, 2020).