A leaked draft of the European Commission's proposed AI regulation includes a ban on social scoring and strict limits on mass surveillance and other "high-risk" uses of AI. The draft regulation would generally prohibit AI which "manipulates human behaviour, opinions or decisions" to a person's detriment or which "exploits information or prediction about a person or group of persons in order to target their vulnerabilities[.]" The draft also requires notice to individuals when they interact with AI, prior authorization for the use of remote biometric identification tools (including facial recognition), and data impact assessments for "high-risk" systems. The draft is broadly worded and subject to exceptions—including exemptions for "investigating serious crime and terrorism"—but would impose a penalty of up to 4% of annual revenue on companies that violate the regulation. The official release of the proposed regulation is expected on April 21. EPIC has called for prohibitions on secret scoring, mass surveillance, and facial recognition.
In an open letter released today, EPIC and twenty four civil rights and social justice organizations called on elected officials to ban corporate, private, and government use of facial recognition technology, suggesting Portland, OR's recent ban on facial recognition as a model. The letter also urges corporate leaders to ban the technology within their companies. The coalition notes recent uses of facial recognition to monitor workers and instances of wrongful firings when facial recognition systems mis-identified black gig workers. EPIC and a coalition recently urged New York City Council to enact a comprehensive ban on facial recognition. EPIC leads a campaign to Ban Face Surveillance and through the Public Voice Coalition gathered support from over 100 organizations and experts from more than 30 countries.
As the Florida Legislature considers pending privacy bills, HB 969 and SB 1734, EPIC urged lawmakers to enact strong privacy protections for all Floridians. The House Commerce Committee is today hearing HB969, would give Floridians the right to know what information companies have collected about them, the right to delete and correct that information, the right to opt-out of the sale or sharing of their personal information, strong limits on the retention of their data, and additional protections for their children’s privacy. Critically, the bill would create robust enforcement mechanisms, including a private right of action, to ensure companies do not flout the law. In written testimony, EPIC urged committe members to further strenghten the bill to prohibit discriminatory uses of data, remove the "right to cure" provision, require data minimization, support global opt-out mechanisms, ban pay-for-privacy schemes, and provide enhanced safeguards for sensitive uses of data. EPIC had previously led a coalition of groups urging Florida lawmakers to preserve the private right of action in the bills.