I appeared before then INDU Committee on Bill C-27 yesterday. My opening remarks are set out below.
Thank you for the opportunity to appear.
I am Senior Counsel with McCarthy Tetrault with a practice focused on technology, intellectual property, and privacy. I am the author of several books in the field including an 8 volume treatise on Computer, Internet and e-commerce law. I am here in my personal capacity.
Although my remarks will focus on AIDA, I have submitted to the Clerk numerous articles I published related to the CPPA and AIDA which contain much needed recommendations for improvements.
In my view AIDA is fundamentally flawed. Any law that is intended to regulate an emerging transformative technology like AI should meet certain basic criteria. It should protect the public from significant risks and harms and be effective in promoting and not hindering innovation. It must also be intelligible – that is members of Parliament and the public must be able to know what is being regulated and how the law will apply, it must respect Parliamentary sovereignty and constitutional division of powers, and employ an efficient and accountable regulatory framework.
AIDA either fails, or its impact is unknowable, in every respect.
AIDA has no definition of “high impact” AI systems and, even with the Minister’s letter, has no criteria for what, and no guiding principles for how, AI systems will be regulated. We don’t know what the public will be protected from, how the regulations will affect innovation, or what the administrative monetary penalties (AMPs) will be. We know that fines for violating the regulations can reach $10MM or 3% of gross revenues, but we have no idea what the regulations will require that will trigger the mammoth fines against small and large businesses.
In short, none of the key criterial to assess AIDA are knowable. In its current form, AIDA is “not intelligible”.
AIDA is, in my view, an affront to Parliamentary sovereignty. It is regulation in the name of expediency with no Parliamentary control.
AIDA sets a dangerous precedent. What will be next? Fiat by regulation for quantum computing, blockchain, the climate crisis, or other threats?
AIDA also invokes a centralized regulatory framework leaving all regulation to ISED. This departs from the sensible hub and spoke decentralized pro-innovation approach being taken so far in the UK and US which leverage existing agencies and their expertise and avoids overlapping regulation. It recognizes that AI systems of all types will pervade all aspects of society and that one regulatory authority alone is ill suited to regulate them. Rather, what is needed is a regulatory framework for a centralized body that sets standards and policies, coordinates regulation within Canada and internationally, and has mechanism for addressing areas that could fall into gaps.
AIDA also paves the way for a bloated and unaccountable bureaucracy within ISED. ISED will make and enforce the regulations and they will be administered and enforced by the AI and Data Commissioner who is not accountable to Parliament (like the Privacy Commissioner. The Commissioner will also not be subject to any express judicial oversight, even though he/she will have the power to shut down businesses and impose penalties (AMPs).
Last, a major problem with AIDA is that its lack of intelligibility and guiding principles make it impossible to evaluate its impact on innovation. We need to recognize that Canada is a middle country. It is risky for Canada to be out in front of our major trading partners with a law that may not be interoperable with those countries and territories and which may inadvertently and unnecessarily create barriers to trade.
Our AI entrepreneurs are heavily dependent on being able to access and exploit AI models like ChatGPT from the US. We should not risk creating obstacles that inhibit the adoption, or realizing the maximum potential, of AI, or the continued growth of our AI ecosystem and the high paying jobs that could be created.
AI is going to be as transformative and as important as the steam engine, electricity, and the micro-chip. Canadian organizations in all sectors need open access to AI systems to support adoption and innovation and to be competitive in world markets. If we fail to get this right there could be significant and long lasting consequences for the country.
To go back to my first point. There is nothing in AIDA to provide comfort that these risks will be avoided.
While not the focus of these opening remarks, I also have comments on the CPPA, which also has problems that should be addressed.
I look forward to your questions.
You can watch my appearance at the INDU Committee on Bill C-27 including AIDA at this link.
- Note: my appearance was once day before the Minister released proposed amendments to the the Bill. Look for a new post that deals with the proposed amendments.
1 comment
Great post
Thank you for your insightful and comprehensive remarks on the flaws of AIDA. It is crucial that any legislation related to AI considers the protection of the public, promotes innovation, and maintains intelligibility. Your points about the lack of definition, criteria, and guiding principles within AIDA raise valid concerns. Moreover, the need for a decentralized regulatory approach, as seen in the UK and US, highlights the potential drawbacks of a centralized framework. The potential impact on innovation and trade barriers are essential elements to consider as well. It is important for Canada to strike the right balance to ensure the growth and competitiveness of its AI ecosystem.
Jean
http://www.wisebuypicks.com/