Lord C-J: We urgently need to tighten data protection laws to protect children from facial recognition in schools

From the House Live November 2021

https://www.politicshome.com/thehouse/article/we-urgently-need-to-tighten-data-protection-laws-to-protect-children-from-facial-recognition-in-schools

Its use has been “temporarily paused” by North Ayrshire council after objections from privacy campaigners and an intervention from the Information Commissioner’s Office, but this is an extraordinary use of children’s biometric data for this purpose when there are so many other alternatives to cashless payment available.

"We seem to be conditioning society to accept biometric technologies in areas that have nothing to do with national security or crime prevention"

It is clear from the surveys and evidence to the Ada Lovelace Institute, which has an ongoing Ryder review of the governance of biometric data, that the public already has strong concerns about the use of this technology. But we seem to be conditioning society to accept biometric and surveillance technologies in areas that have nothing to do with national security or crime prevention and detection.

The Department for Education (DfE) issued guidance in 2018 on the Protection of Freedoms Act 2012, which makes provision for the protection of biometric information of children in schools and the rights of parents and children as regards participation. But it seems that the DfE has no data on the use of biometrics in schools. It seems there are no compliance mechanisms to ensure schools observe the Act.

There is also the broader question, under General Data Protection Regulation (GDPR), as to whether biometrics can be used at all, given the age groups involved. The digital rights group Defend Digital Me contends, “no consent can be freely given when the power imbalance with the authority is such that it makes it hard to refuse”. It seems that children as young as 14 may have been asked for their consent.

The Scottish First Minister, despite saying that “facial recognition technologies in schools don’t appear to me to be proportionate or necessary”, went on to say that schools should carry out a privacy impact assessment and consult pupils and parents.

But this does not go far enough. We should be firmly drawing a line against this. It is totally disproportionate and unnecessary.  In some jurisdictions-New York, France and Sweden its use in schools has already been banned or severely limited.

This is however a particularly worrying example of the way that public authorities are combining the use of biometric data with AI systems without proper regard for ethical principles.

Despite the R (Bridges) v Chief Constable of South Wales Police & Information Commissioner case (2020), the Home Office and the police have driven ahead with the adoption of live facial recognition technology. But as the Ada Lovelace Institute and Big Brother Watch have urged – and the Commons Science and Technology Committee in 2019 recommended – there should be a voluntary pause on the sale and use of live facial recognition technology to allow public engagement and consultation to take place.

In their response to the Select Committee’s call, the government insisted that there is already a comprehensive legal framework in place – which they are taking measures to improve. Given the increasing danger of damage to public trust, the government should rethink its complacent response.

The capture of biometric data and use of LFR in schools is a highly sensitive area. We should not be using children as guinea pigs.

I hope the Information Commissioner's Office’s (ICO’s) report will be completed as a matter of urgency. But we urgently need to tighten our data protection laws to ensure that children under the age of 18 are much more comprehensively protected from the use of facial recognition technology than they are at present.

by Tim Clement-Jones

Lord C-J Comments on National AI Strategy

The UK Government has recently unveiled its National AI Strategy and promised a White Paper on AI Governance and regulation in the near future.

MELISSA HEIKKILÄ at Politico's AI :Decoded newsletter covered my comments

https://www.politico.eu/article/uk-charts-post-brexit-path-with-ai-strategy/

UK charts post-Brexit path with AI strategy

The U.K. wants the world to know that unlike in Brussels, it will not bother AI innovators with regulatory drama.

While the EU frets about risky AI and product safety, the U.K.'s AI strategy, unveiled on Wednesday, promised to create a “pro-innovation” environment that will make the country an attractive place to develop and deploy artificial intelligence technologies, all the while keeping regulation “to a minimum,” according to digital minister Chris Philp.

The U.K.'s strategy, which markedly contrasts the EU's own AI proposed rules, indicates that it's embracing the freedom that comes from not being tied to Brussels, and that it's keen to ensure that freedom delivers it an economic boost.

In the strategy, the country sets outs how the U.K. will invest in AI applications and help other industries integrate artificial intelligence into their operations. Absent from the strategy are its plans on how to regulate the tech, which has already demonstrated potential harms, like the exams scandal last year in which an algorithm downgraded students' predicted grades.

The government will present its plans to regulate AI early next year.

Speaking at an event in London, Philp said the U.K. government wants to take a “pro-innovation” approach to regulation, with a light-touch approach from the government.

“We intend to keep any form of regulatory intervention to a minimum," the minister said. "We will seek to use existing structures rather than setting up new ones, and we will approach the issue with a permissive mindset, aiming to make innovation easy and straightforward, while avoiding any public harm while there is clear evidence that exists.”

Despite the strategy's ambition, the lack of specific policy proposals in it means industry will be watching out for what exactly a "pro-innovation" policy will look like, according tech lobby TechUK’s Katherine Holden.

“The U.K. government is trying to strike some kind of healthy balance within the middle, recognizing that there's the need for appropriate governance and regulatory structures to be put in place… but make sure it's not at the detriment of innovation,” said Holden.

Break out, or fit in?

The U.K.'s potential revisions to its data protection rules are one sign of what its strategy entails. The country is considering scrapping a rule that prohibits automated decision-making without human oversight, arguing that it stifles innovation.

Like AI, the government considers its data policy as an instrument to boost growth, even as a crucial data flows agreement with the EU relies on the U.K. keeping its own data laws equivalent to the EU's.

A divergent approach to AI regulation could make it harder for U.K.-based AI developers to operate in the EU, which will likely finalize its own AI laws next year.

“If this is tending in a direction which is diverging substantially from EU proposals on AI, and indeed the GDPR [the EU's data protection rules] itself, which is so closely linked to AI, then we would have a problem,” said Timothy Clement-Jones, a former chair of the House of Lords’ artificial intelligence liaison committee.

Clement-Jones was also skeptical of the U.K.'s stated ambition to become a global AI standard-setter. “I don't think the U.K. has got the clout to determine the global standard,” Clement-Jones said.  “We have to make sure that we fit in with the standards” he said, adding that the U.K. needs to continue to work its AI diplomacy in international fora, such as at the OECD and the Council of Europe.

In its AI Act, the European Commission also sets out a plan to boost AI innovation, but it will strictly regulate applications that could impinge on fundamental rights and product safety, and includes bans for some “unacceptable” uses of artificial intelligence such as government-conducted social scoring. The EU institutions will be far along in their legislative work on AI by the time the U.K. comes out with its own proposal.

by Tim Clement-Jones

SCL /Queen Mary Global Policy Institute Discussion: AI Ethics and Regulations

I recently took part in a panel with David Satola, Lead ICT Counsel of the World Bank, Patricia Shaw, SCL Chair and CEO, Beyond Reach Consulting, Jacob Turner, Barrister and author of ‘Robot Rules: Regulating Artificial Intelligence’  and Dr Julia Ive, Lecturer in Natural Language Processing at Queen Mary. It was chaired by Fernando Barrio, SCL Trustee and Senior Lecturer in Business Law, School of Business and Management at Queen Mary  and Academic Lead for Resilience and Sustainability, Queen Mary Global Policy Institute.

The regulatory and policy environment of Artificial Intelligence is one that is both in a state of flux and attracting increasing attention by policy makers and business leaders at a global scale. AI is having an impact on most aspects of government activities, business operations and people’s lives, and the proposals for letting the technology advance unregulated are under question, with increasing realization of the potential pitfalls of such unhindered development

Our chair asked the following questions

1- There has been much talk and debate about the need to set up ethical rules for the use of AI in different sectors of society and the economy; what are your views in relation to the establishment of such rules, vis a vis the possibility of enacting a regulatory framework for AI?

2- Assuming that there is a consensus about the need to regulate AI development and deployment: what should be the basis of such regulatory framework? (vg, risk-based, principle-based, etc)

3- In the same way that almost every aspect of ICT, AI posses challenges to the domestic regulation of its activities; what is the role you envisage of different levels of potential regulatory bodies, local, national, regional and/or global?

Here is the podcast of the session.

https://www.scl.org/podcasts/12367-ai-ethics-and-regulations?_se=bWFyay5vY29ub3JAZGxhcGlwZXIuY29t

by Tim Clement-Jones

Introduce a Health Data Trust to protect private medical data say Lib Dems

At our Autumn Conference, the Liberal Democrats have backed ambitious plans to safeguard private health data.

We called for the establishment of a five-point ‘Health Data Charter’, which will set out key tests for whether data sharing is in the interest of the public and the NHS. We also proposed a ‘Sovereign Health Data Trust’, which would bring together experts, clinicians and patient representatives to oversee the implementation and observance of the new charter.

Here is is what I said in introducing the proposal :

I am sure that as Liberal Democrats we all recognize the benefits of using health data which arises in the course of treating patients in the NHS: for research that will lead to new and improved treatments for disease, and for the purposes of public health and health services planning. It has been particularly beneficial in helping to improve the treatment of COVID. The collection of health data can help save lives.

However, we also strongly support the right of the individual to choose whether to share their data or not, and to understand how and why their health data is being used.

But increasingly the Government and- I am sad to say -agencies such as NHS Digital and NHSX, seem to think that they can share patient data with private companies with barely a nod to patient consent and the proper principles of data protection.

We can go back to December 2019 and the discovery by Privacy International that the Department of Health and Social Care had agreed to give free access to NHS England health data to Amazon, which allowed them to develop, advertise, and sell “new products, applications, cloud-based services and/or distributed software”.

In other words- for use with its Alexa device.

Then, take the situation that the health team found earlier this year with GP patient data. We had what has been described as the biggest data grab in the history of the health service. In May, NHS Digital, with minimal consultation, explanation or publicity and without publication of any data protection impact assessment, published its plans to share patients’ primary health care data collected by GP practices. Patients were given just 6 weeks to opt out.

As a result of campaigning by our health team and many others, including a group of Tower Hamlets GPs who refused to hand over patient data, Ministers first announced that implementation would be delayed until 1 September and then informed GPs by letter in July that the whole scheme would be put on hold, including the data collection.

As result of this bungled approach more than a million people have now opted out of NHS data-sharing.

The government have had to revise their approach by devising a simpler opt out system and committing to the publication of a data impact assessment before data collection starts again. They have also stated that access to GP data will only be via a Trusted Research Environment (TRE) and have had to commit to a properly thought through engagement and communications strategy.

But this is no way to gain public trust in how our NHS health data is used.

The Government must gain society's trust through honesty, transparency and rigorous safeguards. The data held by the NHS must be considered as a unique source of value held for the national benefit. If we are to retain public trust in the use of Health data, we need a new framework of a Health Data Charter as clearly set out in the motion. We need a guarantee that our health data will be used in an ethical manner, assigned its true value, and used for the benefit of UK healthcare.

A recent report by EY estimated this data could be worth around £10 billion a year in the benefit delivered. Any proceeds from data collaborations that the Government agrees to, integral to any ‘replacement’ or ‘new’ trade deals, should be ring-fenced for reinvestment in the health and care system with a Sovereign Health Data Trust.

Retaining control over our publicly generated data, particularly our health data, for planning, research and innovation is vital if the UK is to maintain its position as a leading life sciences economy and innovator. As we set out in the motion, all health data must be held anonymously and accessed through a Trusted Research Environment.

We need to restore credibility and trust through:

• Guaranteeing greater transparency in how patient data is handled, where it is stored and with whom, and what it is being used for.
• Allowing the public to have a say in how NHS data is used.
• Appropriate and sufficient regulation that strikes the right balance between credibility, trust, ethics and innovation.
• Ensuring service providers that handle patient data operate within a tight ethical framework.

At the moment that Trust is being lost.

Conference, our Health Data Charter and Sovereign Health Data Trust is the way to restore it.

This is the motion:

Conference believes that:

1. Data collection and sharing are important and have been instrumental in advancing medical capabilities and improving population health.
2. Individuals have the right to understand how and why their health data is being used.

III. Understanding and transparency is key to public trust and confidence in data sharing initiatives.

1. The wealth of data held by the NHS should be used for the benefit of the health service and improving people’s health only.
2. Health data should never be shared for marketing or insurance purposes.

Conference calls for the creation of a Health Data Charter that will:

i) Set out the fundamental principles and responsibilities for assessing whether a data sharing partnership is in the interest of the public and the NHS.

ii) Aim to ensure trust in the Government’s handling of health data, by laying out stringent principles that will help protect people’s privacy and their data from exploitation.

iii) Lay out ways to retain and protect the value of the nation’s health data.

Conference further calls for the creation of a Sovereign Health Data Trust that will:

a) Comprise a diverse, independent and balanced board of experts, clinicians and patient representatives which will be responsible for overseeing the implementation and observance of the Charter.

b) Have continuous oversight of all health data; with not only the power to grant access, but also the power to recall or restrict an organisation’s access if it has reason to believe that the data is not being used for public or patient benefit.

c) Be designed in such a way as to render it interoperable with the European Health Data Space in technical and in semantic terms, including through the promotion of Findable, Accessible, Interoperable and Reusable (FAIR) data principles within the NHS.

Conference endorses the Liberal Democrats’ proposed Health Data Charter as follows:

1. Access to health data must be for public and patient benefit – this benefit will be defined by the Sovereign Health Data Trust with input from external experts and the public; the Trust will also determine whether an organisation can access the data for such purposes and can rescind access at any time.
2. No data shall be shared with an organisation without complete transparency – all health data contracts entered into by a public body must be published publicly and in a timely manner, as should detailed minutes for all meetings, including meetings of the Sovereign Health Data Trust, and details of the organisation requesting use of the data, such as its sources of funding, ownership and intentions.
3. All health data collection and sharing initiatives must be preceded by public consultation, involvement and awareness – public trust is key to any sharing of health data; this trust must be built through awareness and consultation with the public to ensure there is a solid understanding of the benefits of sharing health data with external organisations and bodies.
4. The value of all health data must be retained by the NHS – people’s health data belongs to them and any value derived from it should be for everyone’s benefit; when data is used to develop new medicines or treatments, by research organisations or commercial enterprises, a share of the income generated should therefore be invested back into the healthcare system and the NHS.
5. All health data must be held anonymously and accessed through a Trusted Research Environment – this Environment will be overseen by the Trust and will ensure that no data is handed over to an organisation indefinitely and therefore outside the governance of the Trust; it will also mean that personal data can be retrieved should a person wish to opt out at any time, and access granted to an external organisation withdrawn, should it be found they are not using the data as agreed.
6. Consent processes must include plain language terms, and formats accessible to disabled people and people with low literacy.

by Tim Clement-Jones

Opening the new AI and Innovation Centre at Buckingham University

Great to open the new centre with the assistance of Spot the Boston Dynamics dog!

Here is what I said  

I am thrilled to assist with the opening of this trailblazing Artificial Intelligence and Innovation Centre. It’s fantastic to see this collaboration between the Buckinghamshire Local Enterprise Partnership through its Growth Fund and the University which will result in pioneering AI, cyber and robotics, help to produce the next generation of leaders in computing and the development of ground-breaking technology in Buckinghamshire, working especially with the Silverstone Park and Wescott Enterprise Zone.

Many of us -including Silicon Valley Billionaires it seems-read science fiction for pleasure, inspiration, and as a way of coming to terms with potential future technology . But little did I think when young and I read Isaac Asimov’s Foundation Trilogy or watched RUR the 1920 science-fiction play by Karel Capek, that invented the word “robot”, that I would many years later be helping open an AI and Innovation Centre at a major university!

 It is significant that the Centre is not just located within the School of Computing (home to Spot the Boston Dynamics Dog and Birdly, the VR bird experience) but it is part of the University’s Faculty of Computing, Law and Psychology and I was particularly delighted to hear of the existing cross disciplinary faculty work on Games and VR, Fintech law, and human robotics interaction, cyber bullying and cyber psychology.

As a lawyer, my own involvement I think demonstrates the cross disciplinary nature nowadays of so much to do with AI and machine learning. The Lords Select Committee on AI which I chaired a few years ago emphasized this in calling for an ethical framework for the development and application of AI. Working that through to regulation, nationally and internationally will involve cross disciplinary skills and knowledge. AI developers need to have a broad understanding of the societal and ethical context in which they operate as well as technical skills.

Asimov’s 3 laws of robotics were a deliberate response to the kind of situation depicted in R.U.R, so the need for ethics and regulation was conceived from the dawn of AI and robotics. You may also remember of course that the centrepiece of the Foundation Books, Hari Seldon (no relation) creates the Foundations—two groups of sociologists, scientists and engineers at opposite ends of the galaxy—to preserve the spirit of science and civilization, and thus become the cornerstones of the new galactic empire. Early cross disciplinarity!

 On an international if not galactic stage however, the University can take great pride in hosting the Institute for Ethical AI in Education which I had the privilege of chairing and which developed a highly influential Ethical Framework for AI in Education which will I hope stand the test of time.

This brings me on to another aspect of cross disciplinarity- creativity. Creative skills in how to use AI and other new technology will be vital. Take for example the play “AI” recently featured in Rory Cellan-Jones’ BBC Technology blog. This is a new a play developed alongside AI using the deep-learning system GPT-3 to generate human-like dialogue and script, and as they describe it  “As artists and intelligent systems collide, AI asks us to consider the algorithms at work in the world around us, and what technology can teach us about ourselves”. Reassuringly the director and Rory both concluded that human input for a fully satisfying dramatic product was still essential!

Another aspect which cross disciplinary work brings is to ensure wider perspectives to the development of AI and other new technology.  Diversity in those who oversee the development and application of AI is crucial, as we  highlighted in our original AI Select Committee Report. Failing this as we said we will fail to spot bias in the data sets and repeat the prejudices of the past.

Finally, I wanted to highlight the leadership that the University and Buckinghamshire LEP are showing in this fied. Our AI Select Committee were confident that the UK could and would punch well above its weight in the development of AI and play an important international leadership role in both technological and ethical aspects. I congratulate you both for your vision in setting up the Centre which looks set fair to make a huge contribution to the UK’s leadership role. 

by Tim Clement-Jones

Lord C-J : More Action on Algorithmic Decision Making Needed from Government to Uphold Nolan Standards

The Lords recently held a fascinating debate on Standards in Public Life. Here is what I said about the standards we need to apply to algorithmic decision making in Government. 

https://hansard.parliament.uk/Lords/2021-09-09/debates/4529BCC1-117D-4E8A-9DD8-A07CA472CD65/StandardsInPublicLife#contribution-AFAE87BA-AE61-4C0B-A79D-64627483A04F

by Tim Clement-Jones

Lord Clement Jones calls for immediate moratorium on live facial recognition

POSTED ON 19TH NOVEMBER 2020 BY GEORGIA MEYER

The rise of facial recognition technology has been described as “Orwellian” by Met Police Chief Cressida Dick.

Source: https://pixabay.com/illustrations/face-detection-scan-scanning-4791810/

Artificial intelligence technologies that are  candidates for potential regulation were outlined in a speech to the  Institute of Advanced Legal Studies’ annual conference.

A member of the House of Lords has called for an immediate halt to police use of live facial-recognition technology, during a speech to legal academics.

Liberal Democrat peer Lord Clement-Jones outlined his opposition to a range of AI technologies during his speech  at the Institute of Advanced Legal Studies’ annual conference.

The peer, who is the co-chair of the parliamentary group on Artificial Intelligence, has previously proposed a private member’s bill in Parliament which seeks to ban the use of facial recognition in public places. The bill, which was tabled in February, is currently waiting for its second reading.

During his speech, Lord Clement-Jones outlined the wide variety of uses of AI in public life, many of which are positive, but highlighted certain areas that he believes should be “early candidates for regulation”.

These include the use of algorithmic decision-making in policing, the criminal justice system, recruitment processes, financial credit scoring and insurance premium setting. The peer sees the technologies as lacking transparency and accountability.

Lord Clement-Jones told the conference  that current EU legislation is overly data-centric and fails to take account of the nuanced ways that algorithmic decision-making is being applied to many areas of our lives. The development of a ‘risk-mechanism’ in the law, to assess ethical dilemmas on a case by case basis, is critical, he said.

His remarks come a week after the UK Minister for Data, John Whittingdale, gave an upbeat speech about “unlocking the power of data and artificial intelligence to catalyse economic growth” in a post-Brexit UK, during his speech at the Open Data Institute.

by Tim Clement-Jones

Catalizing Cooperation:Working Together Accross AI Governance Initiatives

Here is the text and video of what I said at this stimulating and useful event hosted by the International Congress for the Goverance of AI

https://www.youtube.com/watch?v=z_uji0LolLA

It is now my pleasure to introduce Lord Clement-Jones, also in a video presentation. He is the former chair of the House of Lords Select Committee on AI. He is the co-chair of the All-Party Parliamentary Group on AI, and he is a founding member of the OECD Parliamentary Group on AI and a member of the Council of Europe's ad hoc Committee on AI (CAHAI).

LORD TIM CLEMENT-JONES: Hello. It is great to be with you.

Today I am going to try to answer questions such as: What kind of international AI governance is needed? Can we build on existing mechanisms? Or does some new body need to be created?

As the House of Lords in our follow-up report, "AI in the UK: No Room for Complacency," last December strongly emphasized, it has never been clearer, particularly after this year of COVID-19 and our ever-greater reliance on digital technology, that we need to retain public trust in the adoption of AI, particularly in its more intrusive forms, and that this is a shared issue internationally. To do that, we need, whilst realizing the opportunities, to mitigate the risks involved in the application of AI, and this brings with it the need for clear standards of accountability.

The year 2019 was the year of the formulation of high-level ethical principles in the field of AI by the OECD, the European Union, and the G20. These are very comprehensive and provide the basis for a common set of international standards. For instance, they all include the need for explainability of decisions and an ability to challenge them, a process made more complex when decisions are made in the so-called "black box" of neural networks.

But it has become clear that voluntary ethical guidelines, however much they are widely shared, are not enough to guarantee ethical AI, and there comes a point where the risks attendant on noncompliance with ethical principles is so high that policymakers need to accept that certain forms of AI development and adoption require enhanced governance and/or regulation.

The key factor in 2020 has been the work done at international level in the Council of Europe, OECD, and the European Union towards putting these principles into practice in an approach to regulation which differentiates between different levels of risk and takes this into account when regulatory measures are formulated.

Last spring the European Commission published its white paper on the proposed regulation of AI by a principle-based legal framework targeting high-risk AI systems. As the white paper says, a risk-based approach is important to help ensure that the regulatory intervention is proportionate. However, it requires clear criteria to differentiate between the different AI applications, in particular in relation to the question or not of whether they are high-risk. The determination of what is a high-risk AI application should be clear, easily understandable, and applicable for all parties concerned.

In the autumn the European Parliament adopted its framework for ethical AI to be applicable to AI, robotics, and related technologies developed, deployed, and/or used within the European Union. Like the Commission's white paper, this proposal also targets high-risk AI. As well as the social and environmental aspects notable in this proposed ethical framework is the emphasis on human oversight required to achieve certification.

Looking through the lens of human rights, including democracy and the rule of law, the CAHAI last December drew up a feasibility study for regulation of AI, which likewise advocates a risk-based approach to regulation. It considers the feasibility of a legal framework for AI and how that might best be achieved. As the study says, these risks, however, depend on the application, context, technology, and stakeholders involved. To counter any stifling of socially beneficial AI innovation and to ensure that the benefits of this technology can be reaped fully while adequately tackling its risks, the CAHAI recommends that a future Council of Europe legal framework on AI should pursue a risk-based approach targeting the specific application context, and work is now ongoing to draft binding and non-binding instruments to take the study forward.

If, however, we aspire to a risk-based regulatory and governance approach, we need to be able to calibrate the risks, which will determine what level of governance we need to go to. But, as has been well illustrated during the COVID-19 pandemic, the language of risk is fraught with misunderstanding. When it comes to AI technologies we need to assess the risks by reference to the nature of AI applications and the context of their use. The potential impact and probability of harm, the importance and sensitivity of use of data, the application within a particular sector, the affected stakeholders, the risks of non-compliance, and whether a human in the loop mitigates risk to any degree.

In this respect, the detailed and authoritative classification work carried out by another international initiative, the OECD Network of Experts on AI working group, so-called "ONE AI," on the classification of AI systems comes at a crucial and timely point. This gives policymakers a simple lens through which to view the deployment of any particular AI system. Its classification uses four dimensions: context, i.e., sector, stakeholder, purpose, etc.; data and input; AI model, i.e., neural or linear, supervised or unsupervised; and tasks and output, i.e., what does the AI do? It ties in well with the Council of Europe feasibility work.

When it comes to AI technologies we need to assess the risks by reference to the nature of the AI applications and their use, and this kind of calibration, a clear governance hierarchy, can be followed depending on the level of risk assessed. Where the risk is relatively low, a flexible approach such as a voluntary ethical code without a hard compliance mechanism, can be envisaged, such as those enshrined in the international ethical codes mentioned earlier.

Where the risk is a step higher, enhanced corporate governance using business guidelines and standards with clear disclosure and compliance mechanisms needs to be instituted. Already at international level we have guidelines on government best practice, such as the AI procurement guidelines developed by the World Economic Forum, and these have been adopted by the UK government. Finally we may need to introduce comprehensive regulation, such as that which is being adopted for autonomous vehicles, which is enforceable by law.

Given the way the work of all of these organizations is converging, the key question of course is whether on the basis of this kind of commonly held ethical evaluation and risk classification and assessment there are early candidates for regulation and to what extent this can or should be internationally driven. Concern about the use of live facial recognition technologies is becoming widespread with many U.S. cities banning its use and proposals for its regulation under discussion in the European Union and the United Kingdom.

Of concern too are technologies involving deep fakes and algorithmic decision making in sensitive areas, such as criminal justice and financial services. The debate over hard and soft law in this area is by no means concluded, but there is no doubt that pooling expertise at international level could bear fruit. A common international framework informed by the work so far of the high-level panel on digital cooperation, the UN Human Rights Council, and their AI for Good platform, and brokered by UNESCO, where an expert group has been working on a recommendation on the ethics of artificial intelligence. The ITU or the United Nations itself, which in 2019 established a Centre for Artificial Intelligence and Robotics in the Netherlands, could be created, and this could gain public trust for establishing that adopters are accountable for high-risk AI applications and at the same time allay concerns that AI and other digital technologies are being over-regulated.

Given that our aim internationally on AI governance must be to ensure that the cardinal principle is observed that AI needs to be our servant and not our master, there is cause for optimism that experts, policymakers, and regulators now recognize that they have a duty to ensure that whatever solution they adopt they recognize ascending degrees of AI risk and that policies and solutions are classified and calibrated accordingly.

Regulators themselves are now becoming more of a focus. Our House of Lords report recommended regulator training in AI ethics and risk assessment, and I believe that this will become the norm. But even if at this juncture we cannot yet identify a single body to take the work forward, there is clearly a growing common international AI agenda, and—especially I hope with the Biden administration coming much more into the action—we can all expect further progress in 2021.

Thank you.

by Tim Clement-Jones