The most accurate sentence that describes AI language models would be: “I’m sorry, the answers are ready, you just need to ask the right questions.”
Broadly speaking, an AI system is software that is developed with specific techniques and approaches and, according to Procedure 2021/0106/COD, “can, for a given set of human-defined objectives, generate outputs such as content, predictions, recommendations, or decisions influencing the environments they interact with.”
AI language models are specific sorts of the above, which use machine learning to comprehend and create human language. Such models require vast amounts of data to function, leading to the rise of new industries, such as data commerce. New concerns arise, such as job displacement, discrimination, or ethical considerations. Furthermore, ensuring the accuracy of the information generated by AI language models and providing the massive amounts of data they require present challenges. In general, training the models to function appropriately in various languages is also a concern. Nevertheless, they have the potential to improve efficiency or advance education. We note that in Hungary, AI-based software is extensively used in public administration, such as a chatbot on the Hungarian Food Chain Safety Office website for customer inquiries. Hungary AI Strategy 2020-2023 (Strategy) will shape Hungarian legislation, addressing future economic concerns. We advocate for addressing important legal challenges that may not be immediately apparent from the Strategy.
Some of the key legal concerns that we believe are not adequately addressed by existing or proposed legislation yet are:
The Italian Job: AI language models heavily rely on data, which raises concerns about the privacy and security of personal data, as well as potential misuse of the collected data. Compliance with the EU General Data Protection Act (GDPR) and Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information is crucial to address such issues. The Italian Data Protection Authority temporarily banned ChatGPT, an OpenAI product [Provision no. 9870832, March 30, 2023], citing issues with personal data processing, insufficient information for data subjects, and lack of age verification. OpenAI must fulfill the requirements by April 30, 2023 to operate in Italy.
In Hungary, a record-breaking data protection fine was imposed on a commercial bank. They used AI to analyze customer service calls without informing customers about the automated scrutiny of their voice and emotions. The use of AI to analyze human emotions carries significant risks and should generally be avoided. Additionally, the bank unlawfully monitored its employees using the same AI system.
Liability: Assigning liability for AI systems’ actions and outputs is a complex issue. Various parties, including software engineers, users, or even third parties, may bear responsibility. However, in our assessment, it is most likely that in Hungary, the primary liability for the actions of an AI system would fall on its operator.
Intellectual Property: Should intellectual property rights for AI-generated work exist in Hungary/the EU, and if yes, who should own them? The question is whether it should be the language model’s, the software creator’s, or the users’. While EU and Hungarian law currently requires human intellectual effort and creative choice for intellectual property protection, it is uncertain how much human involvement is required throughout the process.
Transparency and Malicious Use: Transparency is important to ensure accountability and trust in the use of AI, particularly in decision-making processes that affect people’s lives. Malicious use of AI can have serious consequences, ranging from cybersecurity threats to perpetuating biases and discrimination. Measures to prevent and address these issues are of utmost importance. Some of those concerns are addressed by the EU AI Act, which aims to regulate the development and deployment of AI within the EU, introducing requirements such as transparency, traceability, and human oversight for AI systems. It proposes a risk-based approach to regulation and includes a list of prohibited AI practices. The proposal is currently under review by the European Parliament and the Council of the EU and, if adopted, will have significant implications for businesses and organizations operating within the EU, which must ensure compliance with its requirements or face significant fines. This EU legislation would be directly applicable to all EU member states, Hungary included.
The rapid advancement of AI without corresponding regulation poses significant risks, requiring regulatory intervention. Companies utilizing AI may be unprepared to comply with future AI regulations. Therefore, it is essential for them to review their practices in collaboration with legal professionals.
By Aron Matyas Somogyi, Partner, and Eszter Dorottya Rupnik, Attorney-at-law, Szabo Kelemen & Partners Andersen Attorneys
This article was originally published in Issue 10.7 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.