DP News – Week 17. Ireland’s supervisory authority will adopt the Meta EU-US decision about international transfers in mid-May, AI Act draft is supplemented with rules for foundation AI models.

***

After the European Data Protection Board (EDPB) adopted a decision as to the legality of the data transfers to the United States by Meta for its Facebook service, the lead supervisory authority (DPC in Ireland) is now set to adopt its final decision. As Helen Dixon (the Irish data protection commissioner) mentioned, her office expects this to happen on May 12th. Potentially, Meta may face a ban imposed on its EU-US data flows, but at the same time it is still hard to say how this will factually affect Meta’s operation in the EU, nor is it clear would the implications would be for other companies heavily reliant on the EU-US data transfers.

***

The European Parliament’s profile committee initially expected to have voting around the AI Act draft on April 26th, but it was, however, postponed to a later date. The reason for that is the desire of EU lawmakers to discuss more thoroughly the proposed amendments relating to foundation AI models (like ChatGPT), which require stricter rules, as opposed to so-called “general purpose AI”.

According to the classification of Stanford university, foundation model is “an AI system model that is trained on broad data at scale, is designed for generality of output, and can be adapted to a wide range of distinctive tasks.”

As Euractiv further reports, “Before making the foundation model available, EU lawmakers want the provider to comply with a series of requirements. These include testing and mitigating reasonably foreseeable risks to health, safety, fundamental rights, the environment, democracy and the rule of law with the involvement of independent experts. The remaining non-mitigable risks and why they were not addressed should be documented. The foundation models would have to keep appropriate levels of performance, interpretability, corrigibility, safety and cybersecurity throughout their lifecycle.In addition, the EU lawmakers also want foundation model providers to implement a quality management system to provide the relevant documents up to 10 years after the model is launched. Foundation models would also have to be registered on the EU database. Foundation models that fall in the generative AI category must comply with further transparency obligations and implement adequate safeguards against generating content in breach of EU law”.