Veridas has just become one of the first companies at a national level to carry out a ‘Diagnosis on the ethical principles of Artificial Intelligence’ with the support of PwC, a pioneering firm in this type of work. This diagnosis consists of analyzing the formal compliance with the ethical principles of artificial intelligence systems of companies and the ethical, legal, and technical framework on which these systems are developed.
Spanish and European regulation as a starting point
As regulatory starting points, we considered the National Artificial Intelligence Strategy (ENIA) of December 2020 and the European Commission’s proposed regulation on artificial intelligence (AI Act) of April 2021, which was presented as “a bill that aims to establish a regulation on AI, and to which companies will have to start complying in less than two years.“
More recently, on February 23, 2022, the European Union approved a proposal for a Directive on Corporate Sustainability Due Diligence, which aims to promote sustainable and responsible business behavior along global supply chains.
The proposed directive seeks to impose a series of obligations on companies concerning human rights and environmental impact, even defining the payment of fines and compensation by companies to people affected by the consequences of the adverse effects.
Based on the ethical, legal, and technical framework established in the current regulations and market standards, PwC developed a work program to diagnose whether organizations formally comply with these ethical principles, mainly covering the following areas:
- Privacy and Data Governance.
- Safety and Security: reliability, robustness, and accuracy.
- Responsibility and Accountability.
- Transparency and explainability.
- Principle of fairness.
- Focus on the human being: Human control and surveillance.
- Promotion of values and human rights.
- Environmental sustainability.
Veridas, blazing a trail in the Artificial Intelligence sector
Veridas strengthens its commitment to be at the forefront of transparency, auditing, and reliability of its biometric solutions.
Leire Arbona, director of the Legal and Compliance department of Veridas, describes the company’s commitment with the following words:
To the constant evaluation of solutions in their technical aspect by prestigious international institutions such as the National Institute of Standards and Technology (NIST) or in their legal aspect for compliance with current regulations on data protection or prevention of money laundering, among many others, we now add this diagnosis of an ethical nature.
Precisely these three aspects, legal, technical and ethical, are the three fundamental pillars of any “trustworthy” AI. Specifically:
- Legality: compliance with applicable laws and regulations.
- Ethics: ensuring adherence to ethical principles and values.
- Robustness: both technically and socially, even with good intentions, AI systems can cause unintended harm.
In this assignment, we have not only been observing the ethical regulations of the European Commission or the Government of Spain, but we have also focused on other relevant sources of information, such as the AI Risk Management Proposal published by NIST or use cases published by specialized media such as Harvard Business Review or MIT Technology Review.
“We have learned a lot in this process, having another independent view of our solutions and processes that have undoubtedly left us with many ideas on how to continue improving,” said Arbona.
In short, this diagnosis helps Veridas to position itself at the forefront of compliance with the ethical principles of Artificial Intelligence systems.
A legal and regulatory framework open to improvement
Through the work carried out in recent months, it has become clear that there are still areas for improvement in drafting regulations related to environmental and ethical issues.
For example, it has become clear that there is a need for guidance on documenting and auditing the compliance of artificial intelligence systems with the aforementioned ethical principles.
We have also become aware of the importance of rigorously documenting the risk analysis of artificial intelligence systems. In this regard, the NIST recommendations could be taken as a reference. However, it would be good to have a similar guide proposed by the European Commission.
The field of artificial intelligence is an ecosystem experiencing exponential growth; therefore, governments must tackle its regulation promptly. This will prevent the emergence of inappropriate and undesirable behavior by individuals or entities wishing to misuse the constant technological evolution we are facing.