Boost Digital Signature Legitimateness for NPOs in European Union with airSlate SignNow
- Quick to start
- Easy-to-use
- 24/7 support
Forward-thinking companies around the world trust airSlate SignNow
Your complete how-to guide - digital signature legitimateness for npos in european union
Digital Signature Legitimateness for NPOs in European Union
In today's digital age, ensuring the legitimacy of signatures is crucial for Nonprofit Organizations (NPOs) in the European Union. By utilizing digital signature solutions like airSlate SignNow, NPOs can streamline their signing processes while maintaining compliance with EU regulations.
Steps to Utilize airSlate SignNow for Secure Document Signing:
- Launch the airSlate SignNow web page in your browser.
- Sign up for a free trial or log in.
- Upload a document you want to sign or send for signing.
- If you're going to reuse your document later, turn it into a template.
- Open your file and make edits: add fillable fields or insert information.
- Sign your document and add signature fields for the recipients.
- Click Continue to set up and send an eSignature invite.
airSlate SignNow empowers NPOs to efficiently manage their signing processes while ensuring the legitimacy of digital signatures in the European Union. With user-friendly features and cost-effective solutions, NPOs can benefit from the ease of use offered by airSlate SignNow.
Experience the benefits of airSlate SignNow today to enhance your document signing processes and ensure compliance with EU regulations.
How it works
Rate your experience
-
Best ROI. Our customers achieve an average 7x ROI within the first six months.
-
Scales with your use cases. From SMBs to mid-market, airSlate SignNow delivers results for businesses of all sizes.
-
Intuitive UI and API. Sign and send documents from your apps in minutes.
FAQs
-
What is the EU law for qualified electronic signature?
A qualified electronic signature has the equivalent legal effect of a handwritten signature and enjoys mutual recognition in every EU member state. But, in fact, it is uncommon that a member state (or its courts) will use a qualified electronic signature to authenticate a transaction. -
What is the EU qualified signature for ?
It is a specific type of electronic signature that must meet advanced electronic signature requirements and be backed by a qualified certificate, meaning a certificate issued by a trust service provider that is on the EU Trusted List (ETL) and certified by an EU member state. -
Is an eSignature legal in Germany?
Electronic signatures are legally recognized in Germany and are provided for in eIDAS Regulation No. -
Can be used in the EU?
Different types of transactions require different type of signatures, as determined by each EU member state's national law. offers all three eIDAS-compliant eSignatures in the cloud and mobile to fit all of your business use cases, ranging from common everyday transactions to legally regulated EU transactions. -
Is legal in the EU?
European Union (EU) Electronic signatures are actively in use in Europe, and eSignatures are compliant with eIDAS and EU electronic signature technical standards. -
Are electronic signatures recognized internationally?
The short answer is yes. As you can see, most countries have either permissive or two-tier laws when it comes to eSignatures. And even though two-tier laws, e.g. eIDAS, place more evidentiary weight on eSignatures that meet certain criteria, all types of eSignatures are still legal and valid under those laws. -
Is digital signature valid in EU?
Nevertheless, across the European Union, when a transaction requires a qualified electronic seal from a legal person, a qualified electronic signature from the authorised representative of the legal person is equally acceptable.
Related searches to digital signature legitimateness for npos in european union
Join over 28 million airSlate SignNow users
How to eSign a document: digital signature legitimateness for NPOs in European Union
hello everyone welcome to this webinar from field fisher silicon valley thanks for joining us today we're going to be talking about the revolution that's currently taking place in the eu around digital regulation and our goal today is really to give you a primer on some of the key legislative proposals coming from the eu and what these laws could mean for you we're not going to be giving a deep dive on the laws and going into a huge amount of detail um there simply would be too much to cover but don't worry phil fisher is going to be sharing a lot more content in the next few months and year ahead so make sure that you check out our privacy security and information law blog in the future and tune into future webinars when we'll be discussing this topic in more depth but of course if you do have any questions after today's session please feel free to get in contact and we'd be happy to answer those questions we'll also be circulating a copy of the slide deck and of the recording to everyone on the distribution list after broadcast as well so firstly some introductions so my name is richard lawn i'm a senior associate in field fisher silicon valley office here in the bay area and i'm joined today by felicity fisher a partner and technology and privacy guru we're also joined by andrea ortega a fellow senior associate in our team and today we have james russell a trainee solicitor who's tuning in and joining us from our london office as well so you've undoubtedly seen the headlines the eu has been very busy and it's introducing a swathe of new laws regulating the digital markets now this is all part of the eu's digital agenda which has a goal of putting the eu at the forefront of technological development with a strong focus on data technology and infrastructure but it also has a goal of achieving this while protecting individuals fundamental rights phase one of this digital agenda actually kicked off uh in the last decade back in 2010 and that was focused on creating a fair open and secure digital environment and providing better access to digital goods and services both for consumers and businesses so amongst many other things it saw things like an update to the e-privacy directive and of course introduction of the gdpr which had and continues to have a huge impact on data protection around the world we're now in the second phase of the eu's digital agenda and this is really focused now on creating a secure uh digital space for services ensuring that there's a level playing field in digital markets and in particular regulating the activities of large platforms and also strengthening europe's digital sovereignty and i'll explain a little bit more what i mean by that later the eu has a very comprehensive action plan to accomplish this pretty lofty goal and that includes establishing targets creating investment and funding programs and initiatives also establishing a cooperative mechanism between the european commission and individual member states but of more interest to us it also includes a very ambitious legislative package of new laws and these are really aimed to address some of the goals that i mentioned but also address the rapid rate of technological change so today we're going to be focusing on a few laws that make up this legislative package the ones on screen here the first two laws that we're going to be discussing are the digital services act and the digital markets act which the two laws that you've probably heard of they've been making the headlines and they together form what is called the digital services package they're also quite well developed and well on their way to becoming law so they were both approved by the european parliament earlier this year and now they're just pending formal adoption by the european council before the final texts are published in the european journal the digital services act or the dsa that's the law that's really focused on protecting consumers online and establishing a transparency and accountability framework for online platforms it includes a whole range of very specific provisions for online platforms including things like rules around content moderation and restrictions around targeted advertising the digital markets act or dma that is a slightly different focus that's all about competition and making sure that the digital sector is fair and more competitive so it's focused on regulating the activities of larger platforms now the next two laws we're going to talk about are all about strengthening europe's digital sovereignty those are the digital governance act and the data act and these are the two main laws resulting from european strategy for data so what does that mean in practice well the digital sorry the data governance act rather that's one that's aimed at facilitating data sharing between businesses and also between businesses and government and the data act complements the data governance act by setting up our framework for who can access and create value from that data sharing and finally today we're also going to talk about the proposed ai regulation and this is actually the first attempt globally yes you heard that right the very first attempt around the world to regulate ai with a specific set of uh rules and now this one's a little bit further behind the other laws it's still uh in draft form and a proposal at this stage but it's definitely worth mentioning today now naturally not all of these laws are going to apply to everyone and they're not going to apply to everyone equally but they're sure to have a huge impact on the digital sector in the eu and so even if they don't apply to you directly it's well worth being aware of them and knowing how they could impact you indirectly as i mentioned earlier we're not intending to cover all of the upcoming changes and new laws and proposals coming out of the eu um these are just the laws we're going to be talking about today so for in for instance we're not going to be talking about the proposed e-privacy regulation which is the law that's intended to replace the e-privacy directive we're also not going to be talking about the nist ii directive which has been proposed to replace the current nis one and we're not going to be talking about other laws like the proposed regulation on the free flow of non-personal data suffice it to say there's a huge amount of new laws and proposed changes for the eu and that there simply isn't enough time today to cover all of them with that said i think it's probably time for me to hand over to andrea who's going to kick us off by uh discussing a little bit more about the dsa which is one of the laws that's been making ways in the press over to you andrea thanks richard hi everyone uh so the digital services act aims to address the use of the internet for harmful purposes including the trade and exchange of illegal goods services and content online or the manipulation of algorithmic systems to amplify the spread of this information the term illegal content is at the heart of the dsa but it's not defined within within the dsa instead the dsa refers to other laws either at the eu or national level so for example terrorist content child sexual abuse material or illegal hate speech are defined at the eu level similarly to the gdpr the dsa takes the form of a regulation which means that the new rules will be applied uniformly throughout the eu in addition importantly these rules will apply to all players european or not it will therefore therefore have extra territorial reach in contrast to the e-commerce directive which only applies to service providers established in the in the union note that the e-commerce directive is not repealed by the dsa but amended and complemented with regards to in scope providers um the rules primarily concern online intermediaries and platforms that transmit store or make available third-party content to eu-based users so this includes online marketplaces social media networks content sharing platforms app stores messaging services network infrastructure services and also online search engines among others the dsa follows the categorization in the e-commerce directive which covers mere conduit services caching services and hosting services hostile has been expanded in the dsa to include online platforms and very large online platforms and it uses a progressive system under which the obligations become more honorable to match role size and impact very large online platforms and very large search engines are subject to stricter due diligence obligations and therefore and there are exceptions uh for platforms that qualify as medium or small to give you an idea very large online platforms are those with monthly average users of about 45 million which is meant to represent 10 percent of the eu population um to the question of what does it cover the dsa revamps the principle of limitation of liability for online intermediaries contained in the e-commerce directive and its core development is a new chapter on standards for transparency and accountability among a range of obligations the dsl will require electronic reporting mechanisms that allow individuals or entities to easily report illegal content internal complaint handling systems allowing individuals and entities to appeal certain decisions regarding reported content and accounts traceability of traders on online marketplaces and also compliance with detailed transparency and accountability obligations including specifically on online advertising and algorithms used to recommend content in addition the dsa will impose a ban on so-called dark patterns and online advertising activities targeting minors or those based on sensitive personal data um with regards to sanctions interestingly the sanction mechanism combines both enforcement at the member state and eu level at the eu level the european commission will have direct enforcement powers and could impose fines of up to six percent of the global turnover as well as periodic penalty payments for ongoing and free infringements of up to five percent of the average daily turnover in the preceding financial year um each member state will specify the penalties in their national laws in line with the requirements set out in the dsa itself um and finally um the dsa was approved as uh richard was mentioning earlier by the european parliament um on july the fifth and the council is expected to adopt to adopt it in september uh it will be directly applicable across the eu 15 months after it's published in the official journal or from january 1st 2024 whichever comes later so this means that it looks like uh the earlier it would come into effect this january 1st 2024. um however as regards to the obligations for very large online platforms some very large search engines the dsa will apply from an earlier date four months after their designation um well i know this is quite a quick overview and i'm hoping it's helpful to get a sense of whether these developments uh so whether it's you know a development you need to keep track of um i'm passing it on to richard now who will address the digital markets act thank you thanks andrea back to me um and just to mention at this stage we do have a slide later on which includes some resources for further reading so don't worry there's obviously a huge amount of detail behind these laws which we don't have time to go into but obviously you can do more reading on the commission website and on our blog as well so we've talked about the dsa now let's have a look at the dma which um is uh supposedly to complement and uh be the other side of the coin to the dsa the digital markets act is aimed at preventing larger platforms from imposing unfair conditions on businesses as well as end users and ensuring the openness of important digital services so what it seeks to do is regulate the activities of so-called gatekeepers that provide core platform services now what are these core platform services well there are 10 which are listed under the regulation so these include things like search engines video sharing platforms cloud computing services advertising services suffice it to say it's quite a broad range of different services but it doesn't cover absolutely everything the service has to fall within one of these 10 listed now who's considered a gatekeeper what are the thresholds well a gatekeeper is considered a large company that plays an important role in connecting business users and end users and which enjoys an entrenched and durable position in the market what does that mean well it means the company first of all has to have a size that impacts the internal markets and that is going to be presumed if the annual turnover of the company within the eea is at least 7.5 billion euros in each of the preceding three financial years or if the company has a market cap of at least 75 billion euros in the last financial year so really we're talking about very large companies here it also means that the company has to control gateways for business users and end users and that is again it's presumed when the company has more than 45 million monthly active end users within the eu and more than 10 000 yearly active business users in the eu so the company has to have a fairly substantial user base both in terms of business users and end users and finally the company also has to have an entrenched and durable position and this is going to be presumed if it meets both of the other two conditions i mentioned for each of the last three financial years it's important to point out though that you know these are some presumptions and whether a company actually is considered a gatekeeper or not may depend on some of the circumstances and some arguments that may be put forward in principle um companies that reach the threshold to become a gatekeeper and have an obligation to notify the european commission and the commission will then publish a list of companies designated as gatekeepers in addition the european commission will also have the power to carry out its own market investigations to identify companies as gatekeepers and add them to that list so you you could imagine there are some companies you probably already have in mind that are going to be naturally included on the list but we'll see also in time who it might else otherwise be considered a gatekeeper under the dna so what does the um regulation actually cover what does it regulate well as i said before it includes a number of provisions um uh some do's and don'ts around anti-competitive practices so these are things like um restrictions on gatekeepers ranking their own products or services in a more favorable manner compared to those of third parties includes things like a ban on requiring app developers to use the gatekeeper's in-app payment systems or identity providers and also a requirement to allow business users to promote their offices offers and conclude contracts outside of the gatekeepers platform so really ensuring that there's a fair market it also includes requirements around interoperability of the gatekeepers services with third party services and some data mobility provisions so for example gatekeepers will be required to provide their business users with access to data generated by the business users activity on the platform and they also will be required to provide um business users that are advertising on the platform with access to advertising performance data and ad pricing information so giving business users better access to data and ensuring fair access there are also some specific advertising requirements for instance a ban on gatekeepers tracking end users outside of the gatekeepers core platform service for the purposes of targeted advertising unless they've obtained effective consent and i think it's fair to say you can just listing off some of these requirements you can already see that they some of them at least are almost targeted at particular companies and practices that have already been under investigation and criticism but won't i won't go into that anymore today um now why is the law important well if you look at the figure there um there's the potential for up to 10 uh of global turnover in terms of fines for these gatekeepers it's a very large number it's well above for instance the four percent under the gdpr um or the six percent mentioned for the the dsa so these potentially extremely large fines that could be levied by the european commission and don't forget the european commission has previously shown an appetite for regulating large platforms so this really is a law that potentially has some teeth when does it apply well this this law will come into effect uh essentially six months after it's published in the european journal so looking at the timeline it's possible that it is going to come into effect um in autumn or winter of this year perhaps early next year in 2023 the other thing to mention though is that um there is a lead time for companies that are designated as gatekeepers so once you're identified as a gatekeeper and designated within that role you have six months within which to comply with the dma requirements so even when the law takes effect the requirements won't necessarily be applicable to these gatekeepers from day one that's probably enough on the dma so we'll change track slightly now i'll hand over to james who's going to be talking about the data governance act and the data act thanks richard so as richard has already explained these two pieces of legislation are somewhat distinct from the two we've already covered um but we decided to deal with them together here partly because there's a lot of synergy and overlap that's intended to put these two pieces together but also because um just by virtue of having had somewhat less press coverage i think there's also potentially a risk of getting these confused having somewhat similar names and dealing with very similar subject matter it it's helpful to compare and contrast um just exactly how these two interact with each other so first of all maybe starting with some of the things that both of them do so both pieces of legislation deal with data in a broader sense than we've seen under the gdpr so whilst we might be used to the terminology of data subjects controllers and processors under the data governance act and the data act instead we're looking at data users and data holders which does have this broader application of applying both to personal and non-personal data similarly both of them extend restrictions on international transfers beyond what we've seen in the gdpr to non-personal data now that data has this broader meaning and although we use our padlock image here for the eu data act suffices to say that in both cases one of the main driving thrusts is a desire by the eu to try and unlock broader data use across the eu so moving to the data governance act in particular the three main focuses here are increasing reuse of public data improving data sharing through new data intermediation services and generally promoting data altruism so firstly in relation to reuse of public data we're coming back to one of the objectives richard mentioned earlier of leveling the playing field and some of the mechanisms by which the eu is suggesting we do this is limiting exclusive data reuse agreements so these are now only going to be used where justified and necessary with maximum limits of up to 12 months enforcing reasonable fees and implementing time limits for responses to reuse requests so in this case two months how do we do all of that whilst nevertheless ensuring privacy and confidentiality in this case when we're dealing with public sector data that potentially has trade secrets intellectual property protection or as we've already mentioned personal data protection under the gdpr the eu's suggesting we're going to have increased use of secure processing environments and anonymization techniques so here we're looking at things like differential privacy and creation of synthetic data precisely how that will work i think is somewhat uncertain but we're reassured that the creation of a european data innovation board should at least assist in facilitating the sharing of best practice moving on then to data sharing um the eu is promoting the nascent industry of data intermediation services so here we're talking about those who connect holders and users of data but don't necessarily add any extra value necessarily themselves and that therefore it would be helpful um to introduce as the data governance act does national registers to clearly identify those who are trustworthy organizers of data sharing and pooling services and in mind here we have things like personal data spaces or data wallets if any of you have consent management services on your websites for your cookies you'll know what we're talking about and ad tech users in particular will find plenty of interest here moving on then to data altruism organizations here we're looking at um organizations that want to promote themselves as voluntarily making more data available and again being able to register themselves by complying with a special rulebook with transparency and notification obligations to try and foster improved access to data to serve the general interest and i think here again we're specifically thinking about scientific research really now by contrast to that we have the data act which is somewhat broader so rather than being restricted to these public sector bodies intermediation services and altruism organizations which might be more narrow we might think in the data context we're dealing with data processing services which is specifically designed to be sector neutral however as we've listed up here on the slide probably has the most impact on sort of three major areas and these are the internet of things the internet of bodies and the cloud service providers who provide what the act defines as the related services so here we're thinking about things like smart watches smart thermometers smart fridges all the dumb objects that you had that are now smart but but we're not thinking about mobile phones and computers so these are parsed off and specifically excluded under the act um now as richard has mentioned various times we're we're just doing an overview here i think suffices to say there's quite a lot to parse under the data act there's 11 chapters that cover all sorts of things and just to pull out some of those themes um in terms of leveling the playing field like under the data governance act under chapter 3 we have provisions about fair reasonable and non-discriminatory terms for data sharing agreements under chapter 4 we have a ban on unfair terms for data access when it's imposed on small and medium enterprises under chapter 6 we have a ban on creating obstacles to changing services so if you want to move all of your photos from your google drive to your icloud there's an explicit ban on creating obstacles there um similarly in terms of promoting sharing of data like we saw under the governance act under chapter eight there are again open interoperability standards and under chapter seven the provisions i mentioned before on restrictions on international transfers but i think particularly what we wanted to focus on here is the extension of some of the themes that we've already seen under privacy regulations and under the gdpr so chapter two is probably one of particular focus today um under article three there's the introduction of a obligation that all data generated by the use of these connected products and services needs to be directly accessible to the user and where it isn't or it's not possible to do so under article 4 we also have a new obligation that the data holder has to make the data available free of charge so as you might imagine there's already lots of risk considerations that come to mind there on exposing trade secrets how that relates to business sensitive data how that interacts and overlaps with gdpr privacy obligations there's some questions to be asked still um and similarly when we look at article five which is under chapter two in relation to data portability we have this new data portability right for connected products where no longer are we in the situation under the gdpr where we're limited to personal data being processed on certain legal basis and only where it's technically feasible now we seem to have this much broader right for consumers to access and port any data that's generated by the product both personal and non-personal so needless to say the european data protection board and the european data protection supervisor there have raised some concerns about this and exactly how premises between the two provisions is going to work but it's certainly an extension and a broadening of what we've seen under the gdpr so moving on to why should i care about all this why is it important well i think it is hopefully clear from the extensiveness of what we've talked about under the data act that there's a lot of compliance costs here in addition to some of the risks that i've already identified that'll have to pave their way through into product design research development and so on one thing to highlight particularly as well is the potential for extra territorial scope here so like under the gdpr if you're placing products or services on the eu market if you're targeting eu consumers or even if you're making data available in the eu it doesn't matter if you're in the us you're potentially subject to the laws here and all of that's on top of what you're now becoming very familiar with but a percentage fine based on global turnover and here it's a four percent directly referencing article 83 5 of the gdpr um limit and similarly under the eu data governance act although we don't have a number in the same way um we will have sanctions set by national regulators that we can speculate might fall in line with a similar sort of trend when is all this going to happen well for the data governance act it has already entered into force on the 23rd of june this year so will be applicable from september next year uh just a flag though that there will be transitional arrangements for entities that are already providing data intermediation services so if you're already running a data marketplace for example then you'll be required to um to comply with the new obligations that are set out under the act two years later so you'll have until the 24th of september 2025. by contrast under the data act we're at an earlier stage um so the proposed regulation was adopted by the commission on the 23rd of february this year and the deadline for feedback on that like that that we got from the european data protection board was due in may but at the moment the european parliament's committee on industry research and energy is preparing their report so um we expect that if we do see application of it next year it's probably towards the end maybe the autumn winter next year and so talking about another piece of legislation that's still at an additional stage um i'm going to pass you on to flick who will talk about the world first of artificial intelligence regulation in the eu over to you flick cool thanks james and thanks for the spoiler alert yeah i was looking forward to telling you all that this is going to be the world's first ai regulation but i think you've heard that from two other people on this um so just in case you hadn't got enough law to get your head around we've also got another regulation which is working its way through the legislative wheel in europe and that's the a artificial intelligence regulation um and as has already been mentioned this is still very much a proposal that hasn't yet been approved yet so the commission published it in april 2021 and both the european council and the european parliament are now going through the process of reviewing this draft proposal and legislation and preparing comments i think so far there have been over 3 000 amendments that it has been subject to so it's still very much a work in progress and i think the expectation is that it won't get put through what we call the tri-log process till potentially next year so a bit of a way off this regulation being approved but of course it's attracted a huge amount of attention because of um because of its focus so this really the objective of this regulation is to lay down harmonize rules on ai and as has been mentioned provide the first ever ai focused legal framework so you know once it gets approved it's going to create a uniform legal framework to govern the development marketing and use of ai systems and really the goal is to ensure that all ai products are safe they respect eu law and to enhance a lot of the governance arrangements around how ai is managed in europe all in recognition of the fact that you know ai systems are producing potentially harmful outputs or having harmful effects on society so we need to be really careful and manage how they are produced developed and some of the safety considerations around those systems for the most part the provisions of the draft proposal apply to providers of ai systems but there are also some provisions that apply or targeted at the users of the systems and the regulation really has a very broad definition of what we deem to be ai so it effectively would capture a range of software-based technologies that encompass things like machine learning uh logic and knowledge based systems and statistical approaches and it captures both ai systems used as a standalone product but as i'll go on to to mention also ai systems that form a component of a of a product and consistent with most european kind of legislation it takes a risk-based technology neutral approach to how it's regulating ai so the you know the focus of the responsibilities and the obligations is really on what on providers of high risk ai um and it also goes on to prohibit certain unacceptable ai and then it kind of goes from there if you're doing kind of lower risk ai that the obligations get more minimal um important to note as with lots of the other uh law that we've discussed in this webinar this definitely has extra territorial effect will have extra territorial effect so obviously applies if you are a provider or a user of ai systems in the eu but it's also going to apply if you are a provider who's placing on the market or putting into service ai systems in the eu even if you are in fact located outside of the eu it's also going to capture providers or users of ai systems located outside the eu where the outputs are themselves used in the european union so not just going to capture providers and users based in the eu as i mentioned the overall approach to the regulation is a risk-based one so at it's almost got this kind of pyramid approach so at the top of the pyramid we've got ai systems presenting what are deemed to be unacceptable risks and there the rules are pretty simple they're just prohibited and we'll talk a bit more about that in a second and then you've already got the bulk of the obligations which are focused on what we're calling high risk ai systems and those high risk ai systems are authorized but they're subject to a set of requirements and obligations that need to be met before they can be marketed or launched in the eu market and then as we head towards i guess the bottom of the pyramid it's more about those with limited risk those ai systems will be subject to light transparency obligations and those with low or minimal risk there are no obligations so regulation doesn't really regulate those low or minimal risk ai systems so how do we categorize and figure out which bucket we're in so as i mentioned we've got the um unacceptable uh risk uh category and those systems are completely banned and we've got a long sort of list of the types of ai systems that would be called for that so it includes systems that deploy harmful manipulative subliminal techniques systems that exploit vulnerable users or groups um systems uh providing social scoring but only if they're used by public authorities or um you know companies acting on behalf of public authorities so that would include schools used to evaluate the trustworthiness of individuals that could then be used to have or could have discriminatory effects and then the final one is real-time biometric identification systems that are used in publicly accessible spaces for law enforcement purposes it's very important to note that it's not a ban on all biometric identification systems it's a ban on those used by law for law enforcement purposes in publicly accessible accessible spaces and again there are some exceptions that are baked into that and some provision for member states to legislate to allow for those identification systems um but then moving on to the bigger kind of bucket which is the high risk ai systems and this is where the regulation really focuses and centers um the the provisions and there are two types of systems we need to think about those that are used as a safety component of a product or a product regulated by existing eu health and safety legislation so think about toys machinery medical devices those types of things and also then separately we're looking at systems that are deployed in specific areas either components of specific or standalone products sorry so that would include biometric identification management of critical infrastructure education and vocational training employment and work and management immigration law enforcement justice focus systems so those are all going to be regulated specifically as high risk ai systems so what do we need to do well if you are wanting to put onto the market a high risk system there are now a number of requirements or there will be a number of requirements that have to be met um there will be an obligation to do what's called conformity assessments before they can be used or sold you'll also need to register in an eu database and fix the ce marking before it can be used or so sold there are also certain data training and governance requirements so um of particular interest for anybody with a privacy focus those training validation and testing data sets um must be sufficiently representative and free of errors and complete for the purposes for which you're trying to use them be interesting to see how we can ensure that data that's used to train a model is completely free of errors but that's currently how the proposal has been written there are also certain risk management requirements data quality management and governance procedures um requirements for effective human oversight of the ai systems and then of course we've talked a little bit about some of the transparency requirements that might need to be met there as well um there's also um sort of effectively cyber security incident requirements so um providers will be required to inform the national competent authority of any serious incident or malfunctioning of the high risk ai system and then we're going to see some overlap between the existing kind of notification regimes under the gppr and also under the nis rules and then finally there will also be some obligations that apply to the users so the users of those systems are going to have to make sure that the systems are operated in ance with the instructions of use they're also going to be required to ensure human oversight when using the ai system and to monitor the operation of possible risks there'll also be obligations for them to notify providers of any serious incidence or malfunctioning so potentially quite a bit of compliance work to do to be able to you know complete these assessments to make sure you've got the right governance arrangements and risk management processes in place and then just looking at the last bucket which was the low risk bucket so those are the um ai systems that are very lightly regulated here and they would cover systems that interact with humans think about chat bots also biometric categorization systems anything that's involved with emotional recognition or generating or manipulating content so deep s and those would be subject to an obligation to make people know for example provide transparency uh that you know it is a deep or that you're interacting with a chatbot but beyond that the obligations are on those are pretty light so quite a bit to come with that uh regulation but we're a little bit away off um it being approved why should anybody care about it well if you thought the gdpr fines were high as we've seen there's some of these other pieces of regulation that we've been talking about this also has a sort of eye-watering number of six percent of global turnover or up to 30 million uh euros being the potential highest fine that can be issued it ranges from as low as two percent of global turnover or 10 million euros upwards to that 30 million number depending on the infringement also the reason why this has been attracting so much attention is as has been mentioned before because this is one of the first ever ai focused legal frameworks there are many other countries we think that are looking to see where this regulation lands what the final proposal looks like because it could start to become the gold standard and much like the gdpr has inspired other privacy regulation around the world we could see that this regulation does the same as other countries look to also better regulate the use and and putting on the market of ai systems so something to keep an eye out for so i think that kind of brings us to the end of this uh session and thank you to all of my colleagues who provided excellent overviews of the various pieces of law um you know we set out here to give you an overview there's clearly a huge amount of detail behind lots of these legislative initiatives if you have any questions and want to get in touch with our team please do that we've put on this slide a number of additional resources that you might find useful if you want extra information and we also encourage you as richard mentioned to look out for further blogs uh webinars that we will invariably be doing in more detail on each of these different sort of digital regulations as we dig into the detail um but i think that brings us neatly to a close here today um just a final note to let you know uh we have another webinar coming up on the 27th of july that's going to be focused around discussing how you build a gdpr compliant analytics program so thinking about how you collect usage data how you might use data for product improvement all of those kind of t questions are ones that a lot you know we see is coming up all the time with our clients out here in the us so um yeah tune in for that one and thank you very much for joining us today you
Read moreGet more for digital signature legitimateness for npos in european union
- Create a Gmail signature in India
- Empowering your workflows with AI for electronic ...
- How do I get a digital signature with Artificial ...
- Ensuring Compliance with Digital Signature Lawfulness ...
- Unlocking Online Signature Legitimacy for Marketing in ...
- Ensuring eSignature Lawfulness for General Partnership ...
- Unlock the Power of Digital Signature Legitimacy for ...
- Boost Online Signature Legitimacy for Addressing ...
Find out other digital signature legitimateness for npos in european union
- Scale Freelance Contract Template template email signature
- Scale Freelance Contract Template template electronically signing
- Scale Freelance Contract Template template electronically signed
- Scale Landscaping Proposal Template template eSignature
- Scale Landscaping Proposal Template template esign
- Scale Landscaping Proposal Template template electronic signature
- Scale Landscaping Proposal Template template signature
- Scale Landscaping Proposal Template template sign
- Scale Landscaping Proposal Template template digital signature
- Scale Landscaping Proposal Template template eSign
- Scale Landscaping Proposal Template template digi-sign
- Scale Landscaping Proposal Template template digisign
- Scale Landscaping Proposal Template template initial
- Scale Landscaping Proposal Template template countersign
- Scale Landscaping Proposal Template template countersignature
- Scale Landscaping Proposal Template template initials
- Scale Landscaping Proposal Template template signed
- Scale Landscaping Proposal Template template esigning
- Scale Landscaping Proposal Template template digital sign
- Scale Landscaping Proposal Template template signature service