Since 2017, countries or regions such as the United States, the European Union, Germany, Canada, Japan, and Singapore have successively released legal and regulatory guidelines for the development and governance of artificial intelligence. By organizing these bills along a timeline, it can be observed that the legislative explorations undertaken by various countries and regions show a trend of gradually refining from macro guidelines and strategies to specific areas such as autonomous driving governance and data security. The governance of artificial intelligence safety is gradually deepening and becoming more concrete on a global scale.
United States - Following the Tradition of Legislative Precedence#
In order to ensure its global leadership position in the field of artificial intelligence, the United States has made numerous attempts at the administrative and legislative levels in recent years. Although only a few bills have ultimately been enacted into law, the proposal and debate process of these related bills has important reference value for the subsequent formulation and implementation of mature artificial intelligence safety governance regulations in the United States. This reflects that the United States still adheres to the idea of legislative precedence in the field of artificial intelligence, and the construction of a scientifically sound legal system will provide a solid institutional guarantee for the United States to lay out safe and controllable artificial intelligence. The specific names and main contents of the bills are as follows.
1. National Defense Authorization Act of 2019#
Date: 2019
Main Content: Based on this authorization law, the United States established the National Security Commission on Artificial Intelligence to study the progress of artificial intelligence and machine learning, as well as their potential applications in national security and military contexts. In addition, under the National Defense Authorization Act of 2019, the U.S. Department of Defense created the Joint Artificial Intelligence Center (JAIC) as the responsible agency for developing and executing the overall artificial intelligence strategy.
2. Automated Program Disclosure and Accountability Act#
Date: Initially proposed on June 25, 2018; reintroduced on July 16, 2019
Main Content: The bill requires the Federal Trade Commission to formulate regulations mandating digital platforms to publicly disclose their use of "automated software programs or processes designed to replicate human activities online." The bill assigns the task of defining "automated software programs" to the Federal Trade Commission (FTC), leaving broad interpretative space that exceeds the bill's original intent to restrict automated programs.
3. Algorithmic Accountability Act of 2019 (Draft)#
Date: October 2019
Main Content: The draft aims to prevent algorithmic automated decision-making from causing discrimination against consumers, requiring large internet platform companies to assess and eliminate risks to consumer information privacy and security posed by their automated decision-making algorithms, as well as algorithmic discrimination and bias arising from differences in race, color, religion, political beliefs, gender, or other aspects. The bill grants the FTC enforcement and regulatory powers, requiring companies to research and fix flawed algorithms that lead to inaccurate, unfair, biased, or discriminatory decisions. This bill represents the first serious attempt by the U.S. Congress to regulate artificial intelligence and the first legislative attempt in the U.S. to regulate artificial intelligence systems as a whole, rather than specific technological areas like autonomous vehicles.
4. Maintaining American Leadership in Artificial Intelligence#
Date: February 11, 2019
Main Content: Executive Order 13859, signed by then-President Trump, states that the continued leadership of the United States in the field of artificial intelligence is crucial for maintaining the U.S. economy and national security, and for shaping the global evolution of artificial intelligence in a manner consistent with American values, policies, and priorities. The aim is to stimulate the development and regulation of artificial intelligence in the U.S. by directing federal agencies to prioritize investment in research and development in the field of artificial intelligence, enhancing U.S. national and economic security, and consolidating America's global position. The bill outlines five key areas: increasing investment in AI research and development, opening AI resources, setting AI governance standards, cultivating an AI workforce, and international collaboration to protect U.S. AI advantages. AI projects are coordinated by the National Science and Technology Council's Select Committee on Artificial Intelligence. The issuance of this executive order is a milestone event in the U.S. government's promotion of artificial intelligence development and has significant guiding implications for the research and application of AI in the U.S.
5. National Artificial Intelligence Initiative Act of 2020#
Date: March 2020
Main Content: This bill incorporates multiple federal AI policies and measures, including the "American AI Initiative," which were later packaged into the National Defense Authorization Act for Fiscal Year 2021 and took effect in January 2021. The bill requires the U.S. to develop and implement a "National Artificial Intelligence Initiative" to address a series of issues facing the development of AI in the U.S. Under this bill, the White House Office of Science and Technology Policy (OSTP) announced the establishment of the National AI Initiative Office and the National AI Advisory Committee, and the creation or designation of an interagency committee to promote the implementation of the "National AI Initiative" with a more robust organizational structure.
The bill demonstrates bipartisan strong support for the U.S. government's long-term efforts in the AI field and codifies and expands many existing AI policies and initiatives. For example, it incorporates the five key tasks established by the American AI Initiative into law, expands the AI Task Force established in 2018 into a permanent body, recognizes the legal status of the National AI Research Institute established in 2020, mandates regular updates to the national AI R&D strategic plan released in 2019, and extends the key AI technology standards activities guided by the White House in 2019 to include AI risk assessment frameworks.
6. Generative Artificial Intelligence Cybersecurity Act#
Date: May 2020
Main Content: The bill aims to "ensure that the U.S. develops and implements an artificial intelligence strategy that protects American values and leadership. Identify supply chain risks and develop plans to mitigate those risks."
The bill requires the U.S. Department of Commerce and the Federal Trade Commission to clarify the advantages and obstacles of AI applications in the U.S.; investigate the AI strategies of other countries and compare them with the U.S.; assess supply chain risks and how to address those risks. Additionally, the bill requires these agencies to report their findings to Congress and develop recommendations for a national AI strategy.
7. Data Accountability and Transparency Act of 2020#
Date: June 2020
Main Content: The bill brings algorithmic automated decision-making under regulation, proposing that consumers should have the right to question the reasons for data collection and request human review and explanation of algorithmic automated decisions.
8. Government Accountability Office Act of 2020#
*** (House Resolution 2575) ***
Date: September 2020
Main Content: The bill aims to establish an "Excellence in Artificial Intelligence Center" within the General Services Administration (GSA) and requires the Office of Management and Budget (OMB) to issue a memorandum to federal agencies on AI governance methods to promote the federal government's support for the development of innovative AI applications. It also requires the Office of Science and Technology Policy to issue guidance to federal agencies on the safe application and best practices of AI.
9. Artificial Intelligence Capability and Transparency Act#
Date: May 2021
Main Content: The bill aims to implement the recommendations from the National Security Commission on Artificial Intelligence (NSCAI) final report by improving talent recruitment systems to enable agencies to adopt new AI technologies more quickly, enhancing the government's capacity and transparency in using artificial intelligence. The bill grants the Department of Defense (DOD), the Department of Energy (DOE), the Intelligence Community (IC), and the Federal Bureau of Investigation (FBI) new powers and resources to ensure that the federal government can better and more safely utilize rapidly evolving AI technologies.
10. Military Artificial Intelligence Act#
Date: May 2021
Main Content: The bill builds on the Artificial Intelligence Initiative Act (AI-IA) and the Armed Forces Digital Advantage Act, aiming to implement other recommendations related to military personnel proposed by the NSCAI, improving AI education and training programs for military personnel at all levels to better utilize artificial intelligence. Specifically, the bill enhances AI and emerging technology education and training for junior officers and Department of Defense leaders to better leverage AI in the military sector.
11. American Data Privacy and Protection Act (Draft)#
Date: June 2022
Main Content: Although the bill has not yet been formally issued, the draft is the first comprehensive federal privacy bill in the U.S. to gain bipartisan and bicameral support; it aims to establish a legal framework for consumer privacy data protection at the federal level, providing privacy rights and effective remedies for American consumers.
The draft defines "algorithm" as "a computational processing program that originates from machine learning and artificial intelligence technologies, intended to replace human involvement or assist humans, making decisions based on data processing results." The draft regulates the application of such processing technologies, reflecting the value concepts of data privacy protection in the digital age in the U.S., embodying both the international trend of strengthening personal data rights protection and facilitating the release of data value, such as "opt-out" mechanisms, limited private litigation rights, and loyalty obligations for data processing companies.
12. Blueprint for an Artificial Intelligence Bill of Rights#
Date: October 2022
Main Content: Released by the White House, it expresses the Biden administration's vision for the future use of artificial intelligence technology, hoping to stimulate companies to build and deploy AI more responsibly and to impose restrictions on AI-based surveillance.
Although the Blueprint for an Artificial Intelligence Bill of Rights is merely a non-binding action guideline, its significance should not be underestimated. The white paper proposes guidelines that companies developing or deploying AI should voluntarily follow to protect people's information from misuse or abuse. Compliance with these guidelines will be optional until specific laws are enacted.
The document aims to "empower individuals, companies, and policymakers across America and meet President Biden's call for accountability from large tech companies" by establishing five principles for the design, use, and deployment of automated systems to protect the American public in the age of artificial intelligence. These five principles are: (1) safe and effective systems; (2) protection against algorithmic discrimination; (3) data privacy; (4) notice and explanation; (5) human alternatives, consideration, and fallback. The issuance of this document will provide guidance for the development of artificial intelligence in the U.S. from technological, economic, and military perspectives.
European Union - A Difficult Balance Between Innovation and Regulation#
Artificial intelligence has characteristics such as ambiguity, complexity, autonomy, and unpredictability, which may pose various risks and issues to society. To ensure that the development of artificial intelligence respects human rights and is safe and trustworthy, the European Union released the first draft of the Artificial Intelligence Act on April 21, 2021, exploring "hard law" support for AI governance, aiming to promote innovation and set a global standard, with AI technology being widely applied in various fields from autonomous vehicles and chatbots to current automated factories in China and the U.S.
1. Artificial Intelligence Act#
Date: April 21, 2021
In March 2023, the draft of this bill was submitted for a first reading in the European Parliament. If passed, it will become binding law that can be directly applied within EU member states and will also have significant reference value for the formulation of international AI safety-related rules. Therefore, the content of this "Artificial Intelligence Act" will be highlighted separately.
Nature of Regulation
A unified legal framework within the EU, the world's first systematic regulation of artificial intelligence. It marks an acceleration from "soft law" with principled constraints to "hard law" with more substantive regulation in AI governance.
Governance Objectives
Protect human rights, promote EU values, and ensure the free movement of AI goods and services.
Scope of Regulation
AI systems marketed, put into service, and used within the EU (including those developed and used outside the EU but whose output data is used within the EU), excluding those developed for military purposes.
Governance Mechanism
-
Overall Supervisor: The newly established European Artificial Intelligence Board.
-
Announcement Regulation: Member states designate supervisory agencies responsible for enforcement and report regularly to the board.
-
Special Responsibility: Proposes to develop voluntary codes of conduct for non-high-risk AI systems and establish regulatory sandboxes to promote innovation.
Other EU AI Safety-Related Laws and Regulations are introduced as follows:
2. General Data Protection Regulation#
Date: Passed in 2016, effective in 2018
Main Content: Developed by the EU to address the collection and use of user data in the internet age. It replaces the Data Protection Directive passed by the EU in 1995, adapting to cloud computing, the internet, and big data. The regulation aims to limit the processing of personal information and sensitive data by internet and big data companies, thereby protecting the rights of data subjects. Additionally, the GDPR has direct applicability in EU member states, eliminating the need for member states to convert it into domestic law.
3. Ethical Guidelines for Trustworthy Artificial Intelligence#
Date: 2019
Main Content: The guidelines include seven elements: human agency and oversight, technical robustness and safety, privacy and data management, transparency, diversity and non-discrimination, fairness, societal and environmental well-being, and accountability.
4. Data Governance Act#
Date: Effective June 2022
Main Content: The bill was first proposed in November 2020 and is the first legislative draft under the European Data Strategy framework. Overall, the Data Governance Act emphasizes regulatory innovation, encourages data sharing, and improves data utilization efficiency, thereby allowing the flow of data resources to serve higher public policy goals. First, it establishes a mechanism for the re-use of data held by the public sector. Second, it creates a framework to promote the development of data intermediary organizations. Third, it provides normative guidance for altruistic data behavior.
Furthermore, Chapter 6 of the Data Governance Act establishes the European Data Innovation Board to provide advisory opinions on issues including data sharing service providers, cross-industry data sharing, and data re-use.
Other Major Countries - Different Focuses Based on National Strategies#
In addition to the United States and the European Union, Japan, Singapore, Canada, and Germany are at the forefront of legislation in the field of AI safety, each forming a legislative direction based on their technological capabilities and strategic development needs. For instance, Japan has always emphasized cooperation among government, industry, and academia in cutting-edge technology and has accumulated rich experience. Therefore, when facing legal issues brought about by AI safety, it chooses to start from personal information and data protection, promoting the formation of a collaborative R&D network between the government and enterprises to build an ecosystem conducive to AI safety development. Germany, in its legislative activities, focuses on leveraging its industrial resource advantages, attempting to create a German characteristic of AI integrated with "Industry 4.0." Thus, its AI safety-related legislation pays close attention to the impact of technology on the economy and life, focusing on themes that improve human economy and life, such as autonomous driving and smart healthcare. Singapore and Canada focus on the immense value of AI as a strategic technology for empowering the economy and society, conducting related legislation starting from data and safety regulation to promote AI as a core driving force in their digital transformation waves. The main contents of AI safety-related laws and regulations from other major countries are as follows:
1. Personal Data Protection Act (Amendment)#
Country: Singapore
Date: Passed in November 2020
Main Content: This amendment provides basic guidelines for personal data protection in Singapore, supplementing the legislative and regulatory framework for specific industries, aiming to protect the personal data of data subjects and regulate the data processing behavior of data processors.
2. Autonomous Driving Act#
Country: Germany
Date: July 2021
Main Content: The bill aims to provide legal basis and regulatory framework for the operational implementation of autonomous driving technology. One of the bill's highlights is providing a legal basis for the routine operation of vehicles equipped with Level 4 autonomous driving systems in designated areas on public roads, stipulating corresponding technical requirements, driving conditions, and data processing rules. Germany thus becomes the first country in the world to allow autonomous vehicles to participate in daily traffic and be applied nationwide.
Another highlight of the bill is the establishment of a technical supervisor system for "autonomous driving functions." Accordingly, the owner of the smart vehicle is obligated to take necessary measures to maintain road safety and vehicle environmental compatibility and bear corresponding legal responsibilities. These obligations include regularly maintaining systems to ensure the normal functioning of autonomous driving features, taking preventive measures to comply with traffic rules, and fulfilling technical supervision obligations. To fulfill this obligation, the vehicle owner must designate a knowledgeable individual to act as a technical supervisor to remotely monitor the vehicle and intervene in the autonomous driving system.
3. Personal Information Protection Act (Amendment)#
Country: Japan
Date: August 2021
Main Content: The amendment mainly involves six aspects: (1) rights of data subjects; (2) corporate responsibilities; (3) corporate self-improvement mechanisms; (4) data usage strategies; (5) penalties; (6) extraterritorial applicability of the bill and cross-border data transfer.
Additionally, the amendment introduces concepts such as "personal information requiring special attention," "personal-related information," and "pseudonymized information"; it strengthens the obligation of cross-border transferors to inform data subjects during cross-border data transfers. The aim is to enhance the protection of personal information by expanding the rights of data subjects and increasing corporate obligations.
4. Artificial Intelligence and Data Act#
Country: Canada
Date: June 2022
Main Content: This bill aims to regulate international and interprovincial trade and commerce in artificial intelligence systems. To this end, the bill stipulates that measures should be taken to reduce the risks of harm and biased outputs associated with high-impact AI systems; provide public reports on AI; authorize the Minister of Innovation, Science and Industry to develop policies related to AI systems and establish prohibitions on "owning or using illegally obtained personal information" to protect data privacy rights and ensure the safe and reliable design, development, use, or provision of AI systems.
Conclusion - Growing Attention to AI Legislation#
From the above overview, it can be felt that major developed countries and regions around the world have recognized the importance of AI safety legislation. Starting from key issues in artificial intelligence, they are actively drafting and issuing laws and regulations related to AI safety governance, and the level of legalization of international AI safety governance is gradually improving. Moreover, these legislative activities often carry distinct national characteristics, such as the EU's pioneering exploration of a unified legal framework under integration trends, and Germany's AI safety legislative direction aligning with its Industry 4.0 strategy. Essentially, this reflects the commitment to ensuring that the development of artificial intelligence always serves the security of the region or country.