30.8.2022

The Artificial Intelligence Act and consumer protection – are you ready?

Artificial intelligence, or AI for short, plays a major role in the modern lives of people and companies. Various automations and algorithms govern online services, online trade and digital marketing. This has a significant impact on consumer behaviour. When it comes to consumer protection, the new regulation aims to increase consumers’ trust in AI and increase responsibility and safety in the market’s technological development. On 21 April 2021, the European Commission proposed a regulation laying down harmonised rules on artificial intelligence. According to estimates, the regulation could enter into force before the end of the year. With a transitional period of two years, the regulation would become applicable by the end of 2024.

The definition of AI and the Artificial Intelligence Act in light of consumer protection

A typical problem concerning AI is that it is very difficult to define, at least exhaustively. The Act defines AI as a software that has the ability, for a given set of human-defined objectives, to generate outputs such as content, predictions, recommendations, or decisions which influence the environment with which the system interacts. AI is not offered to consumers in a raw format. Instead, consumers receive products or services that are controlled by sophisticated algorithms and software.

The proposed regulation does not create new consumer rights or form new appeal proceedings as such. According to the proposal, when harmful AI practices and systems do not fall under the scope of prohibited AI practices as defined in the proposed regulation, they would be covered by general data and consumer protection legislation. The focus of the proposed regulation is on defining certain prohibited practices and strictly regulated high-risk systems. These practices are examined both on an industry and on a sector basis.

Prohibited practices

The proposal prohibits the use of AI systems that create an unacceptable risk. These systems create such an obvious threat to the safety, rights and livelihoods of people that the regulation prohibits their use entirely. Such systems include ones that have the potential to manipulate people through subliminal techniques beyond their conscious awareness and that are likely to cause psychological or physical harm. The proposal also prohibits certain systems that use social scoring, as they are considered contrary to fundamental values of the EU. They can also lead to discrimination.

High-risk systems

The proposal classifies as high-risk such AI systems that are intended to be used as safety components of products, for example, as well as systems that pose a high risk of harm to health and safety and that are used in specific areas. The proposal lists some examples of high-risk AI systems, including systems used as safety components in the management and operation of the supply of water, gas, heating and electricity, and systems used to evaluate the creditworthiness of natural persons in relation to essential private and public services.

The obligations of providers of high-risk AI systems are laid down in Article 16 of the proposed regulation. Among other things, such providers of AI systems shall:

Obligation to disclose information

The obligation to disclose information is central to the general principles of consumer protection. In the context of AI use, the obligation to disclose information is therefore a general principle for all AI systems affecting consumers. This means that consumers must have easy access to sufficient, clear and timely information on the existence of an AI system, its deductive processes and possible outcomes and its effects on consumers. Consumers must also be told how they can request the system’s operations to be reviewed or fixed and how they can contact a competent person. Information on disputing the matter must also be provided.

Further specifications to AI regulation

The Artificial Intelligence Act is meant to be a part of a larger whole, and some parts are not yet known. For example, there will be a separate proposal concerning the liability issues surrounding AI. It is likely that this proposal will be applicable to consumer protection as well. The proposal will also have several connecting factors to existing EU regulation, such as data protection and market supervision regulation and the general EU regulation on consumer protection binding on businesses.

Sources:

https://www.kkv.fi/ajankohtaista/lausunnot/lausunto-u-28-2021-vp-valtioneuvoston-kirjelma-eduskunnalle-komission-ehdotuksesta-euroopan-parlamentin-ja-neuvoston-asetukseksi-tekoalyn-harmonisoiduksi-saantelyksi-artificial-intelligence-act/

https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:52021PC0206&from=EN

Latest references

We are acting as the lead counsel to Fortum in a cross-border transaction in which Fortum is selling its recycling and waste business. The business is sold to thematic impact investing firm Summa Equity through its portfolio company NG Group. The debt-free purchase price is approximately EUR 800 million. The transaction is subject to authority approval and customary closing conditions. Fortum’s recycling and waste business to be sold comprises municipal and industrial waste management and end-to-end plastics, metals, ash, slag and hazardous waste treatment and recycling services. These businesses are located in Finland, Sweden, Denmark and Norway and currently employ approximately 900 employees.
Case published 18.7.2024
We advised Andritz Oy, a part of ANDRITZ group, with their acquisition of all the shares in Procemex Oy. The acquisition further strengthens ANDRITZ’s automation and digitalisation portfolio. Procemex is a global leader in integrated web monitoring and web inspection solutions for the pulp and paper industry. It has a team of more than 100 vision systems experts and has subsidiaries in Germany, Japan and the US. ANDRITZ offers a broad portfolio of innovative plants, equipment, systems, services and digital solutions for a wide range of industries and end markets. ANDRITZ is a global market leader in all four of its business areas – Pulp & Paper, Metals, Hydropower and Environment & Energy. The publicly listed group has around 30,000 employees and over 280 locations in more than 80 countries.
Case published 18.7.2024
We successfully acted as the lead external counsel for Citycon Plc in an arrangement whereby Citycon outsourced its Nordic Accounting and Lease Administration operations and related workforce in Finland, Sweden, Norway, Denmark and Estonia to Staria Plc. The outsourcing is expected to take place as of 1 August 2024. With this outsourcing arrangement, Citycon aims to align the size and capabilities of the company’s finance organisation with its future development, ensuring it can adapt to meet the company’s needs at any given time. During the assignment, we assisted Citycon in drafting the necessary contract documentation and planning the contract negotiations and timetable. We led the outsourcing agreement negotiations and advised Citycon on employee transfer and data privacy related matters. We also coordinated legal advice for other in-scope countries. Citycon is the leading owner and developer of urban hubs in the Nordics and Baltics. Citycon’s 33 mixed-use, necessity-based centres are located in the major cities in Finland, Sweden, Norway, Denmark and Estonia. Citycon transforms unique locations into sustainable communities and cities full of life, serving 140 million people each year and delivering long-term share value. Citycon brings value to communities by developing urban hubs for living, working, socialising and shopping. Citycon has extensive experience as an urban developer and uses its expertise in creating mixed-use centres that include retail, offices, hotels, housing, food & beverage as well as healthcare, culture and leisure services.
Case published 13.5.2024
We acted as Zendesk, Inc.’s Finnish legal counsel in its acquisition of Ultimate Enterprises Oy, an industry leading provider of service automation using AI technology. The cross-border acquisition was completed in cooperation with the transaction’s lead counsel Allen & Overy. Zendesk is a leading global technology company that provides software-as-a-service and customer experience (CX) products based in the US. The acquisition of Ultimate expands Zendesk’s AI-powered CX offerings.
Case published 26.3.2024