Canada has proposed the Digital Charter Implementation Act, which would establish three acts for trust and privacy: the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act, and the Artificial Intelligence & Data Act (AIDA). AIDA would set governance and transparency requirements for businesses that use or develop AI in Canada, including requirements relating to bias, transparency, risk mitigation, and record-keeping. The act would also establish the role of an AI & Data Commissioner to monitor compliance and order third-party audits as required. However, it is uncertain if AIDA will pass, and businesses that develop AI for personal information collection or use may have to answer to federal transparency and privacy protection expectations.

Spain has launched the first regulatory sandbox to test new rules for artificial intelligence (AI) and algorithmic systems as part of the EU AI act. The country has also introduced a rider-law, Royal Decree-Law 9/2021, to safeguard employment rights of delivery workers who work through digital platforms. The law includes a presumption of employment for riders who work under a digital platform algorithm, giving them additional job security and safety provisions. Employers are required to inform works councils of workers' parameters, rules, and instructions based on AI systems used as part of the platform. The Ministry of Labour has also published guidelines for complying with algorithmic transparency laws, including the GDPR where necessary.

AI regulation is growing significantly, with governments considering AI regulations, policies, and strategies to manage AI risks and harms. The EU has proposed the AI Act, which takes a risk-based approach and establishes four categories of AI systems based on potential harms. California has proposed regulations to extend non-discriminatory practices to automated decision systems and to regulate the day-to-day use of automated tools in the workplace. Both acts require ongoing monitoring and re-evaluation when significant changes are made to the system. The EU AI Act is more expansive and takes a sector-agnostic approach, while California's proposed laws are narrowly focused mainly on automated employment decision tools. Holistic AI offers a risk management platform to help enterprises identify risks and recommend steps to mitigate them. This blog article is not intended to provide legal advice or a legal opinion.

The Department of Consumer and Worker Protection (DCWP) in New York City held a public hearing on proposed rules for the NYC Bias Audit Legislation. Attendees were given the opportunity to testify, and many called for independent third-party audits to ensure impartiality and compliance with the legislation. There were concerns about the use of impact ratios as a metric for bias in small sample sizes, and more clarification is needed on notice requirements and the role of vendors of automated employment decision tools (AEDTs). Despite overwhelming support for the legislation, there is a need for additional legislation to hold developers and employers accountable for their actions and ensure the safety of AI systems. Holistic AI can help businesses identify risks, establish a risk management framework, and comply with relevant legislation.

The proposed California Workplace Technology Accountability Act (AB-1651) aims to increase accountability surrounding the use of technology in the workplace and reduce potential harm. The Act restricts the data that can be collected about workers to only proven business activities, gives workers access to their data, and requires data protection and algorithmic impact assessments. The Act defines automated decision systems, outlines worker rights concerning their data, and sets notification requirements for data collection and electronic monitoring. The Act also outlines impact assessment requirements and consultation processes for workers potentially affected by automated decision tools. The Act applies to employers in California using technology to make employment-related decisions about workers or collect data about them, as well as vendors acting on behalf of employers.