States in the US are introducing legislation to regulate HR Tech, with New York proposing legislation targeting automated employment decision tools (AEDTs), and California proposing multiple pieces of legislation. Federal efforts have now emerged, with Senators introducing the No Robot Bosses Act and Exploitative Workplace Surveillance and Technologies Task Force Act. The No Robot Bosses Act seeks to protect job applicants and employees from the undisclosed use of automated decision systems, requiring employers to provide notice of when and how the systems are used. The Exploitative Workplace Surveillance and Technologies Task Force Act seeks to create an interagency task force to lead a whole government study and report to Congress on workplace surveillance. The Biden-Harris administration have secured voluntary agreements from various AI companies to ensure products are safe and that public trust is built.

The European Parliament has passed the latest version of the EU AI Act, which will now proceed to the final Trilogue stage. The Act is a landmark piece of legislation proposed by the European Commission to regulate AI systems available in the EU market. It takes a risk-based approach to regulation, with systems classified as posing minimal, limited, high, or unacceptable levels of risk. The latest version aligns more closely with the OECD definition of AI and covers eight high-risk categories, including biometrics and biometric-based systems, management of critical infrastructure, and AI systems intended to be used for influencing elections. The Act also prohibits real-time remote biometric identification and places a focus on protecting EU citizens' rights and education.

The AI Disclosure Act of 2023 is a federal bill introduced by U.S. Representative Ritchie Torres of New York's 15th Congressional District that seeks to create greater transparency around the use of generative AI. The bill requires any outputs generated by artificial intelligence to be accompanied by a disclaimer indicating that it was generated by AI. Violating this requirement will result in penalties, privileges, and immunities under the Federal Trade Commission Act. The AI Disclosure Act is an important step towards algorithmic transparency, but it is not the first initiative to increase algorithmic transparency. Other initiatives include the Illinois Artificial Intelligence Video Interview Act, New York City Local Law 144, Maryland’s HB1202, and the EU AI Act. Organizations using AI should prepare for compliance with transparency requirements in advance to ensure compliance.

The EU AI Act is a piece of legislation proposed by the European Commission to regulate the AI systems available in the EU market. The Act takes a risk-based approach to regulation, classifying systems as posing minimal risk, limited risk, high risk, or unacceptable levels of risk. The December 2022 text defined AI as a machine-based system designed to operate with autonomy that can generate outputs such as predictions, recommendations, or decisions that influence physical or virtual environments. The adopted text specifies eight broad high-risk applications of AI, with important updates to biometric and biometrics-based systems. A new Fundamental Rights Impact Assessment obligation has been introduced for users of High-Risk AIs, and prohibited practices now include AI models used for biometric categorization, predictive policing, and the collection of facial images for database construction. The EU AI Act will have important implications for the fairness and safety of AI systems available in the EU market, with deployers and users of AI systems facing a number of obligations.

The European Commission released a draft for conducting audits under the Digital Services Act (DSA) on May 6, 2023, which pertains to the 17 Very Large Online Platforms (VLOPs) and 2 Very Large Online Search Engines (VLOSEs, including Facebook, LinkedIn, Twitter, Bing, and Google). The purpose of this delegated regulation is to promote transparency and public accountability for large platforms, with provisions for annual independent audits. Algorithmic systems will be audited and will include disclosures and risk assessments. The draft clarifies the relationship between Audited Providers and Auditing Organizations, and lays down provisions for selecting auditors, data sharing, and cooperation. Auditing Organisations will send Final Reports, including Risk Analyses and Audit Conclusions, and must be completed within a year from the date of application of the obligations to the Audited Provider. The draft is open for public comments until June 2, 2023. The article promotes Holistic AI's interdisciplinary approach for AI governance, risk, and compliance.