In November 2019, the Council of Europe’s* Committee of Experts on Human Rights of Automated Data Processing and Different Forms of Artificial Intelligence (the “Committee”) finalized its draft recommendations on the human rights impacts of algorithmic systems (the “Draft Recommendations’’).  The Draft Recommendations, which are non-binding, set out guidelines on how the Council of Europe member states should legislate to ensure that public and private sector actors appropriately address human rights issues when designing, developing and deploying algorithmic systems.

The Draft Recommendations define “algorithmic systems” as applications that, often using mathematical models, perform one or more of the following tasks: gathering, combining, cleaning, sorting, classifying and inferring data, and / or selecting, prioritizing, recommending and making decisions.  This definition encompasses, but is not limited to, artificial intelligence (“AI”).

The Draft Recommendations recognize that the myriad uses of algorithmic systems, including for email, targeted advertising, medical diagnostics, transportation and logistics, as well as for predictive purposes such as policing and border control, may have significant impacts on the human rights of individuals and groups (e.g., the right to privacy and freedom of expression).  The Draft calls on the Council of Europe member states to adopt and enforce legislation to ensure in line with guidance set out in the Draft’s Appendix.

The Appendix of the Draft Recommendations in turn provides two sets of guidelines, one for member states and one for private sector actors.  The first set of guidelines provides a potential roadmap for future legislation in this area.  The second set, while less relevant for understanding the possible shape of new laws, may be useful as a reference for good practice for companies seeking to demonstrate a commitment to the responsible use of algorithmic systems.

The guidelines broadly echo the EU High-Level Expert Group on AI’s Ethics Guidelines for Trustworthy AI published in April 2019.  (See our previous Covington blog on this update here and here.)  New and notable elements of the Draft Recommendations include:

  • Informational self-determination. Member states should ensure that all design, development and deployment of algorithmic systems provide an avenue for individuals to be informed in advance of data processing and to control their data.  Additionally, individuals and groups should have the freedom to exclude data relating to themselves, their physical environments and their activities from use in algorithmic systems.
  • Transparency, accountability and effective remedies. Member states should establish appropriate levels of transparency about the algorithmic systems implemented by and for both public and private sector actors.  Users should know how their data is being used, what the real and potential impact of the algorithmic system in question is, how to object to the processing of their data, and how to meaningfully contest and challenge specific outputs.  Note that in the guidelines for private sector actors, the Committee recommends that terms of service not include waivers of rights or obstacles to the effective access to remedies.
  • Human Rights Impact Assessments. Member states should ensure that they, as well as any private actors working with them or on their behalf, regularly conduct and consult on human rights impact assessments when developing and deploying algorithmic systems.  The Committee recommends that algorithmic systems not be procured if confidentiality considerations or trade secrets frustrate the implementation of a meaningful human rights impact assessment.

The Draft Recommendations emphasize the need for governments to consult with industry stakeholders, academia, civil society groups and the wider public, to ensure that they promote the development of algorithmic systems in a way that is in line with human rights norms.  The Committee advocates, like many others in the global community, a human-centric approach to the increasing, continued use of algorithmic systems.

The Draft Recommendations, which will next go to the Council of Europe for adoption, join another of similar initiatives that look to provide guidance on the development and use of AI,  including the OECD Principles on AI, the G20 AI Principles, and the 2018 Report of the United Nation’s Special Rapporteur on AI.  We anticipate further developments in this area, including further clarity on the European approach to AI regulation in the coming weeks and months.  Stay tuned for further updates.

* The Council of Europe is an international organization, which is distinct from the European Union.  Founded in 1949, the Council of Europe has a mandate to promote and safeguard the human rights enshrined in the European Convention on Human Rights.  The organization brings together 47 member states, including all of the 27 EU member states.  Recommendations issued by the Council of Europe are not binding, but EU laws often build on Council of Europe standards when drawing up legislation.

Covington’s Business and Human Rights team draws upon attorneys and policy experts with deep human rights backgrounds including service in government and international organisations, with non-governmental organisations, in media, and within multinational corporations, and integrates them across our U.S., European, African and Asian offices. We regularly advise clients with respect to human rights due diligence, best emerging practices in their policies and procedures, risk mitigation and litigation.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Lisa Peets Lisa Peets

Lisa Peets is co-chair of the firm’s Technology and Communications Regulation Practice Group and a member of the firm’s global Management Committee. Lisa divides her time between London and Brussels, and her practice encompasses regulatory compliance and investigations alongside legislative advocacy. For more…

Lisa Peets is co-chair of the firm’s Technology and Communications Regulation Practice Group and a member of the firm’s global Management Committee. Lisa divides her time between London and Brussels, and her practice encompasses regulatory compliance and investigations alongside legislative advocacy. For more than two decades, she has worked closely with many of the world’s best-known technology companies.

Lisa counsels clients on a range of EU and UK legal frameworks affecting technology providers, including data protection, content moderation, artificial intelligence, platform regulation, copyright, e-commerce and consumer protection, and the rapidly expanding universe of additional rules applicable to technology, data and online services.

Lisa also supports Covington’s disputes team in litigation involving technology providers.

According to Chambers UK (2024 edition), “Lisa provides an excellent service and familiarity with client needs.”

Photo of Marty Hansen Marty Hansen

Martin Hansen has over two decades of experience representing some of the world’s leading innovative companies in the internet, IT, e-commerce, and life sciences sectors on a broad range of regulatory, intellectual property, and competition issues, including related to artificial intelligence. Martin has…

Martin Hansen has over two decades of experience representing some of the world’s leading innovative companies in the internet, IT, e-commerce, and life sciences sectors on a broad range of regulatory, intellectual property, and competition issues, including related to artificial intelligence. Martin has extensive experience in advising clients on matters arising under EU and U.S. law, UK law, the World Trade Organization agreements, and other trade agreements.

Photo of Sam Jungyun Choi Sam Jungyun Choi

Recognized by Law.com International as a Rising Star (2023), Sam Jungyun Choi is an associate in the technology regulatory group in Brussels. She advises leading multinationals on European and UK data protection law and new regulations and policy relating to innovative technologies, such…

Recognized by Law.com International as a Rising Star (2023), Sam Jungyun Choi is an associate in the technology regulatory group in Brussels. She advises leading multinationals on European and UK data protection law and new regulations and policy relating to innovative technologies, such as AI, digital health, and autonomous vehicles.

Sam is an expert on the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act, having advised on these laws since they started to apply. In recent years, her work has evolved to include advising companies on new data and digital laws in the EU, including the AI Act, Data Act and the Digital Services Act.

Sam’s practice includes advising on regulatory, compliance and policy issues that affect leading companies in the technology, life sciences and gaming companies on laws relating to privacy and data protection, digital services and AI. She advises clients on designing of new products and services, preparing privacy documentation, and developing data and AI governance programs. She also advises clients on matters relating to children’s privacy and policy initiatives relating to online safety.